What Is SOC 2 Compliance? And Why Is It Important For Your Vendors?

by Chase Venters, Chief Information Officer
  • It helps your customers and residents put their trust in you when it comes to giving you sensitive data, including social security numbers, credit card numbers, or other customer-specific personally identifiable information (PII)
  • It helps keep you compliant with state, federal, and international legislation, particularly as it relates to the safeguarding and handling of customer PII
  • It protects you against potential cyber-attacks, saving time and money, as well as preventing negative publicity. For example, cyber-attacks are estimated to take 55 days to contain, so it is better to take a proactive approach and mitigate them
  1. Do you have SOC 2 accreditation? If so, how long have you had it for? If you don’t, are there any plans to achieve it in the future?
  2. If you have SOC 2 accreditation, which key trust services criteria did you focus on?
  3. What did you learn from your audit, and what processes have you put into place as a result?
  4. How do you monitor server activity for hackers and other suspicious activity?
  5. What alerts do you have in place in the event of a security incident and who receives them in the company?
  6. How do you track and record cloud server activity so you can refer back to it in case of a security breach?
  7. What service level agreements (SLAs) do you have in place to detect and fix issues?
  8. Do you have a copy of your SOC 2 System Description and Auditor’s Letter of Compliance that we can review?

Exceleron Software

North America’s leading utility prepay and payment service company.