Darkreading.com asked this question “How can SaaS vendors demonstrate proof of their commitment to taking their customers’ data security seriously?” because a “…2020 survey found that 52% of companies were using cloud services that had experienced a breach involving user data.” The April 23, 2021 report title “SOC 2 Attestation Tips for SaaS Companies” answered its question with these comments:
One way SaaS vendors can demonstrate this is by achieving attestation with SOC 2.
According to the Association of International Certified Professional Accountants (AICPA), SOC 2 is a means for SaaS vendors and other organizations to obtain reports that provide detailed information and assurance about the systems they use to process users’ data.
The SOC 2 Report uses criteria from these five categories:
1. Security
2. Availability
3. Processing integrity
4. Confidentiality
5. Privacy
Reviewing the SOC 2 Report is essential to learn about data security!