What in the World is SOC 2?
BY IT GLUE | October 16, 2019
You may be aware that IT Glue is SOC 2 (Type 2) certified, but do you know what that actually means? There are a plethora of certifications out there, but we made sure to adhere to one that not only establishes a high standard, but is globally recognized.
System and Organization Controls (SOC) is a compliance standard developed by the AICPA. The SOC 2 designation is specific to organizations that store data in the cloud, and ensures that systems and processes meet a gold standard. SOC 2 mandates that companies establish and follow a rigorous standard of policies and procedures that meet the five information technology Trust Services Principles (TSPs) relevant to client data. The five TSPs are security, availability, processing integrity, privacy, and confidentiality.
What’s the Difference Between SOC 2 (Type 1) and SOC 2 (Type 2)
You may be wondering what the difference between SOC 2 (Type 1) and SOC 2 (Type 2) is. A company that has SOC 2 (Type 1) is a company that was verified to have acceptable security processes at a specific point in time. The further you are from that specific point in time, the less likely that company is to have those security processes still in place. SOC 2 (Type 2), is granted to organizations that have implemented SOC 2 controls effectively over a period of six months.
It’s the difference between cramming for a test and forgetting everything the next day, versus actually taking the time to master the material – you always want to go with SOC 2 (Type 2) when given the choice.
The Highest Standard
Passing the SOC 2 compliance required IT Glue to demonstrate the highest standard of security practice. Criteria pertains to physical infrastructure, software, personnel responsible for governance, automated and manual processes, and data. In short, it means that your data is safe when stored in IT Glue, and this claim is verified by a third party.
MSPs servicing customers in specific verticals, such as healthcare, require this certification to help them meet regulatory burdens such as HIPAA compliance. For those MSPs, you can be sure that using IT Glue supports you in meeting those standards.
This may or may not be a surprise to you but the GlueCrew also use the IT Glue platform for managing and organizing all of our information. As expected, having this as the backbone of our documentation eased a good portion of the burden that goes into successfully gaining the SOC 2 certification. Passing audits means not just having great practices, but being able to demonstrate those practices to auditors. IT Glue was able to do this because all critical SOPs, passwords, and other key information were safely stored in IT Glue.
Want to work with a documentation system you can trust? One that prioritizes speed, efficiency and security, without sacrifice? Give IT Glue a test drive – sign up now.