Skip to Main Content

SOC 2 Compliance: What’s The Big Deal?

By

Ron Burgundy from the movie Anchorman saying: I don't know how to put this but ... I'm kind of a big deal.

In this day and age, cybersecurity can feel like the Old West. (Think more Tombstone and less Back To The Future III.)

Frankly, some parts of the internet feel snuggly safe, while others feel downright iffy.

In our post Why CDNs Put Your Site In The Fast Lane, we mentioned that WP Engine totally complies with SOC 2, the latest standard for website hosting security.

In retrospect, we realize that SOC 2 compliance is such a big deal that it deserves much more than a mere mention. (For shame!)

So today, we’re going to geek out over why SOC 2 compliance is a big deal everywhere (and not just in Japan). ⬇️

What is SOC 2 compliance?

Logo for AICPA and SOC 2 compliance

SOC stands for “System and Organizational Controls.”

Developed by the American Institute of Certified Public Accountants (AICPA), the purpose of this framework is to:

  • provide regular and independent (outside) reporting …
  • of the controls implemented to mitigate risk to your info …
  • according to five (5) Trust Services Criteria.

Why is SOC 2 security a big deal?

Woody and Buzz Lightyear from Toy Story. Buzz is saying to Woody: Threats, threats everywhere!

What sets SOC 2 apart from other security frameworks are those five Trust Services Criteria.

  1. Security – Is my information protected against unauthorized access?
  2. Availability – Can I access the system to perform the work I need to do?
  3. Processing integrity – Are the company’s systems operating as intended?
  4. Confidentiality – Is my confidential info being protected by limiting its access, storage and use?
  5. Privacy – Is my sensitive personally identifiable information (PII) being safeguarded against unauthorized users?

During an SOC 2 audit, an independent auditor will evaluate a company’s security compliance related to one or all these Trust Services Criteria.

How does SOC 2 compliance help your biz? (It’s trust.)

A tuxedo cat has his green eyes opened really wide. The text reads: When a cat closes its eyes around you, it means it trusts you. This is my cat.

As the internet gets bigger, customers are getting more security savvy and protective of their personal info—and they have extremely high expectations (rightly so) for how companies handle their intel.

WP Engine is SOC 2 compliant and meets the standards for Security and Availability Trust Services Criteria.

And a company (like yours) that complies with the latest and greatest security standards will stand apart from the rest.

So in a world filled with ever-increasing data leaks and breaches, being able to say that your website is SOC 2 compliant is totally a big deal.

Trust takes years to build, seconds to break, and forever to repair.

Author Unknown

Image credits: Anchorman, AICPA/SOC 2 Compliance, Toy Story, Wide-eyed kitty

Got a website or hosting question?

Ask the Geeks!