SOC 2 Type 2 Security and What it Means for You
Security is not something that should be taken lightly in business, but especially for any business that is handling confidential, medical or financial information. When you think about the amount of sensitive information that can be stored on various company systems— desk and softphones, voicemail, call recordings, chat and collaboration tools, enlisting a responsible communications provider that has the proper security controls in place is more important than ever.
One of the key security audits quickly becoming the industry standard for communication providers is the SOC 2 Type 2 Report which validates the security of a provider’s infrastructures and services.
What is SOC 2 Type 2 and Why is it Important?
Service providers today need to demonstrate that they have adequate controls over data protection technologies and processes. The Service Organization Control (SOC 2) Type 2 Report is an independent third-party report performed in accordance with AT Section 101 of the American Institute of Certified Public Accountants (AICPA) professional standards and is based upon the Trust Services Principles. The SOC 2 Report focuses on a business’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system. The Trust Service Principles that SOC 2 is based upon are modeled around four broad areas: Policies, Communications, Procedures, and Monitoring. Each of the principles has defined criteria controls which must be met to demonstrate adherence to the principles and produce an unqualified opinion (no significant exceptions found during the audit). The SOC 2 Type 2 Report audits the implementation of these controls over a set period of time, and puts strict audit requirements in place to address the demands in the marketplace for assurance over non-financial controls. The trust principles predefine the criteria businesses must meet, making it easier for business owners to know what compliance needs are required and for users of the report to read and assess the adequacy.
Broadview Network is pleased to announce the successful completion of the SOC 2 Type 2 audit performed by Marcum, LLP for the Security trust principal which assessed and confirmed that ourdata centers are protected against unauthorized access both physical and logical. The completion of this audit demonstrates our unwavering commitment to deliver the highest security standards available in our industry.
Organization’s that are faced with compliance requirements around sensitive data, can leverage Broadview’s SOC 2 Type 2 Report as part of their compliance strategy. Click here for more information about Broadview’s approach to security and compliance.