SOC (System and Organization Control Requirements) was developed by the American Institute of CPAs (AICPA) to help address risk concerns for businesses that outsource services to a third party.
The SOC audit is an independent audit that takes an extensive look into the internal security controls a managed service provider (MSP) has in place to determine if they are properly managing the data security of their clients and delivering the services in their user agreements.
We chose to be SOC 2 audited for one simple reason—so that our partners know we follow the best practices in the IT industry and that we take no shortcuts in protecting their data.
The SOC 2 Report validates that we are qualified, professional, and follow the best practices in the IT industry.
Schedule a call with PCR President, Pat Carroll to learn more about our SOC 2, Type 2 certification.
The SOC 2 report defines the criteria for managing a client’s confidential data by breaking it down into five “trust services.” These criteria include security, availability, processing integrity, confidentiality and privacy.
How does the service provider protect their system against unauthorized access (hackers, rogue employees, malware, etc.)? This includes the security tools an MSP has in place such as two-factor authentication, firewalls, and intrusion detectors.
Is the system available for operation as agreed in your contract? The availability trust principle reports on performance monitoring; how an IT service provider handles disaster recovery (do they have a disaster plan in place and how long will it take them to get your business back up and running?); and security incidence handling.
Is the system doing what it’s supposed to? Is the system processing valid, timely, complete, accurate, and authorized information? The processing integrity principle includes data process monitoring and quality insurance procedures.
Is access to confidential data restricted only to the users who should have access to it? This includes the encryption, access controls, and network and application firewalls the MSP has in place to protect the data being stored and processed on their computer systems.
Refers to how your IT provider collects, uses, retains, discloses, and destroys personal information. Is it in accordance with their privacy notice? This is extremely important for any business that collects any type of personal data!
Two words—trust and reliability.
As we mentioned in the article “The Wild West of IT Services,” there are no official governing entities overseeing IT Providers. The SOC 2 audit is the only way to guarantee you are outsourcing your IT to a trusted and reliable company. The SOC 2 report eliminates time spent worrying about how your service provider is protecting your sensitive data so you can focus on running your business.
It’s amazing how many businesses entrust their most sensitive data to a third-party service provider without understanding the risks.
For example, did you know that if your Akron IT Provider gets hacked and your customers’ private data gets compromised, you could be liable? This is a very real threat if your MSP does not have the proper security measures in place. This is why SOC for MSP is so crucial.
What many businesses don’t realize is that their service provider is often the weakest link in their data security. In addition to being unregulated, IT firms in Akron, OH, are also often the targets of hackers. This is because IT providers hold the keys to the castle—meaning they store the customer data and passwords for many different clients—not just one business. Why hack one company when you can go after several all at once?
With data breaches becoming more and more common, it is imperative your business works with a company that has the strictest data security controls in place.
Remember, if your data is mishandled or compromised, it could leave your business vulnerable to attacks, data theft, and/or lawsuits that could potentially destroy your business. Working with an IT provider that is not SOC 2 compliant is not worth the risk!