SOC 2 hosting confirms your service provider has all of the best internal practices in place to verify security, availability and privacy in your data hosting environment. SOC 2 reports on controls independent of an SSAE 16 (SOC 1) audit, and refers to controls specifically related to IT/data center service providers. A SOC 2 report is much more detailed than a SOC 3 report, and relates to non-financial controls of a service organization.
Online Tech's SOC 2 report audited of 174 control criteria with no exceptions, covering physical security, network security, logical security, training, exception management, policies, communications, system monitoring and delivery of managed services.
What does a SOC 2 report measure?
Physical and logical protection against unauthorized access.
The system is operationally available for use as committed or agreed.
- Processing Integrity
System processing is complete, accurate, timely and authorized.
All information is classified and protected as committed or agreed.
Personal information is collected, used, retained and transferred as committed or agreed.
The SOC 2 report affects companies that host or store large amounts of data, particularly data centers. Focusing on operational excellence and best practices, these reports are useful for management, regulators, stakeholders and others that need to trust a service organization’s system is standardized and up to code.
Types of SOC 2 reports:
- Type 1 – reports on the description of a data center’s system and suitability of its design of controls.
- Type 2 – report includes everything in Type 1 and the operating effectiveness of the controls (more useful since an auditor verifies that the reported controls actually work).
Who uses a SOC 2 report?
Management, regulators and others use a SOC 2 report to verify a service organization’s compliance with pre-defined benchmarks of excellence. SOC 2 reports are shared only under an NDA (non-disclosure agreement), and are generally not for public use.
With Online Tech, you can be certain your data is being hosted in a safe and audited environment with the best practices in place to guarantee optimal uptime, availability and security. If you need verifiable SOC 2 hosting or SOC 3 hosting, we can work with you to supply a custom and trusted solution, whether it is colocation, managed dedicated servers or cloud hosting.
How can you get SOC 2 compliant hosting?
For more information about SOC reports: