I'm proud to announce that ServerCentral's 2016–2017 AT-101 SOC 2 Type II report is now available to download in our customer portal.
All customers with access to compliance reports can view the report for any of our US-based data centers. If you are a customer and are having trouble accessing the document, have your account admin reach out to our support team to request access on your behalf.
While adopting the new Trust Service Criteria was no small feat, it represents a quantum leap forward with regards to compliance and security for service providers like ServerCentral. The 2013 COSO Internal Control Integrated Framework has been adapted by the AICPA to improve the effectiveness of the Trust Service Criteria.
The 2013 COSO Internal Control Integrated Framework is a shift away from attestation (“we swear we do X”) to direct control effectiveness (“we swear we do X and it's proven by Y”). This means our SOC 2 report officially demonstrates that we walk the walk.
The new Trust Service Criteria align the testing of our controls to visibly demonstrate our compliance to our customers.
ServerCentral has also added an important privacy section to our SOC 2 report. The privacy principles involve extensive testing of how we collect, store, process, and most importantly, destroy private customer data as it moves through our systems.
Our team worked tirelessly over hundreds of hours to implement these privacy criteria provided by the AICPA, doubling down on our investment in securing and protecting customers.
Anything we can do to deepen our partnership with customers on compliance and security is time well spent.
As always, if you have particular compliance questions or need assistance reading the SOC 2 report, please schedule some time with your account manager to walk through the report.