Skip to content

Why Your Managed Service Provider Should Be SOC2 Compliant

It’s one thing to say you’ll deliver on a promise. It’s quite another to prove it. But American Digital has—demonstrating our commitment to excellence by going above and beyond to earn SOC2 compliance.

What does this mean for our partners? It means you’re assured American Digital has been audited by a third party, and that auditor has confirmed that we have processes and systems in place to adhere to five important trust principles. Those include security, availability, processing integrity, confidentiality, and privacy. These are essential when entrusting business operations to a third-party cloud-computing or SaaS provider.

At the top of that list is data protection against unauthorized users. This might involve systems or security methods such as the use of two-factor authentication, intrusion detection, or firewalls. Auditors also assessed system, product, and service availability to ensure we deliver as stipulated in our service level agreement and contract. To prove a company can protect service availability, auditors look at things like a company’s disaster recovery methods and its process for monitoring system performance. Auditors also take a look at data processing integrity to ensure systems deliver as promised and achieve their intended purpose. This might be contingent on, for example, the methods a vendor uses for monitoring or maintaining quality assurance.

The last two trust principles, confidentiality and privacy, work in tandem to protect confidential and personally identifiable information. This might involve data encryption, user access controls, network firewalls, application firewalls, or standards put in place for retaining and disposing of personally identifiable information.

For American Digital, an organization focused on helping our own clients maintain optimal security, we think it’s imperative that we lead by example. SOC2 compliance is just one more reason we’re the right choice for data management, data security, and managed services.

Back To Top