SOC stands for Service Organization Control. The SOC 1 report is for financial information like credit card numbers, while the SOC 2 report is for non-financial information. The certification process involves an audit by a third-party to verify that a company is meeting SOC guidelines.
SOC 2 security principles focus on preventing the unauthorized use of assets and data handled by the organization. This principle requires organizations to implement access controls to prevent malicious attacks, unauthorized deletion of data, misuse, unauthorized alteration or disclosure of company information.
SOC 2 Certification is vital because it holds businesses like GuardSight to a standard that protects consumer data. It allows our customers to have peace of mind knowing that GuardSight is vetted and approved, and strongly committed to information security practices.
To pass the SOC 2 audit process, a third-party evaluated GuardSight’s system on five SOC 2 Trust Services Criteria including:
- Security
- Availability
- Processing Integrity
- Confidentiality
- Privacy
