Interviews

What’s new with your favorite virtualization companies and executives.

Events

Check out what’s happening in your area, from webinars to lunch and learns.

Blogs

Get the scoop on the latest technology news from industry experts.

How To’s

Step by step instructions on a variety of need to know virtualization topics.

News

Take a look at the industries most recent company and product annoucements.


Home » Blogs

How can enterprises use SOC 2 reports to evaluate cloud providers?

Submitted by on May 12, 2017 – 1:57 amNo Comment

There are a few tools that can be used when assessing a cloud service provider, and a SOC 2 report is one of them. If a cloud provider or vendor has a SOC 2 report available, it can be extremely useful to understand the company’s controls when it comes to security, availability, processing, integrity, confidentiality and privacy. If the third party cannot provide a SOC 2 report, it’s possible that they haven’t had an assessment performed, or that they’re not willing to disclose this data.

It’s always best to receive a Type 2 SOC 2, but many vendors might send over a SOC 3 to prove that work has been completed. The Type 2 SOC 2 report will not only review the controls in question, but will go into detail on the effectiveness of the controls. If possible, try to get a Type 2 SOC 2 from the vendor as a first step.

To read the entire article, please click on this link http://searchcloudsecurity.techtarget.com/answer/How-can-enterprises-use-SOC-2-reports-to-evaluate-cloud-providers