Complying with information protection regulations is more difficult than ever in any locale or region.  Across municipalities and governmental bodies of all levels, the regulations exist to provide minimum standards for the required care of sensitive information.  There is not any area where exceeding these standards is more important than in the data center.  The amount of information that can be stored on a single hard drive and or transferred across a 10 Gigabit per second connection is truly incredible.  Therefore, it is absolutely imperative that the data center  industry adhere to Service Organization Control (SOC) requirements for managing financial information provided by the American Institute of Certified Public Accountants (AICPA).

IT Infrastructure as a Service Providers like InfraDMS, demonstrate achievement of SOC 2 Type 2 standards annually to assure operating system controls are effective in the protection of information being stored or transferred across networks. A SOC 2 Type 2 report examines the design effectiveness of a service provider’s controls and determines whether or not controls have been placed in operation on a set date. Furthermore, the report evaluates the effectiveness of the controls over a period of anywhere from four to nine consecutive months.

The AICPA has created five Trust Service Principles (TSP) that outline the areas a SOC 2 Type 2 report will consider:

  • Security: The system is protected against unauthorized access, use or modification
  • Availability: The system is available for operation and use as committed or agreed
  • Processing Integrity: System processing is complete, valid, accurate, timely and authorized
  • Confidentiality: Information designated as confidential is protected as committed or agreed
  • Privacy: The system’s collection, use, retention, disclosure and disposal of personal information are in conformity with the commitments in the service organization’s privacy notice

Companies utilizing or considering an IT Infrastructure as a Service provider, should ask about the providers performance relative to the SOC II standards on an annual basis to be certain that your provider has the controls that will serve as a foundation for your information security success.



Design. Build. Implement.
Enjoy Flexible, Scalable & Secure Infrastructure with InfraDMS Support All Along The Way