While companies across industries continue to adopt the cloud (A Forrester Research, Inc. report cites that companies expect to be using 66 different SaaS applications in 2015), there is still apprehension around data security in these various cloud applications. Makes sense, IT departments want to know that their critical business data is safe and protected.
The good news is that cloud vendors (like Backupify!) are going through extensive audits and other regulations to ensure that their customers’ data is as secure as possible. With all these security regulations for cloud vendors, the cloud has actually become a safer place to store data than on-premise.
At Backupify, we just completed the long process to become Soc 2 Type II compliant.
What does this mean?
Soc 2 Type II compliance is crucial for any vendor working with larger, enterprise-level companies. Conducted by an independent audit firm, the audit is a rigorous review of a company’s backup and recovery systems. The Soc 2 Type II audit includes a full assessment of a company’s infrastructure, software, people, procedures, and data. As enterprise organizations have more stringent data security standards, vendors that are Soc 2 Type II compliant have a leg up.
What’s the difference between Soc 1 and Soc 2 compliance?
There is a common misconception in the industry as to the difference between these types of compliance. Soc 1 or SAS 70 or SSAE15 compliance is more focused on the security of the financials of a cloud vendor. Also a vendor with Soc 1 compliance under their belt simply means that the vendor created a set of criteria and then passed the audit. In other words, the vendor creates the test that it needs to pass.
Soc 2 compliance tests if there are information security controls around the data. It’s a newer audit and is much more comprehensive compared to a Soc 1 audit. Also, a Soc 2 audit is completed by an independent third-party.
When it comes down to it, if your business cares about the security of your data in the cloud, look for Soc 1 AND Soc 2 compliance.
For more details on Backupify’s successfully completed audit, check out our news release.