Many organizations are in industries requiring them to meet significant compliance standards and/or have customers with demanding requirements for the same purpose. Certifications such as PCI DSS, NIST, HIPAA, HITRUST, FedRAMP, and others must be earned and maintained. A key building block toward fulfilling compliance needs is engaging with a service provider that is SOC 2 certified.

A Systems and Organization Controls (SOC 2) audit is a review by an independent, third-party auditing firm that assesses a service provider's policies, controls, and procedures to protect customer data and maintain high availability. 

SOC 2 is the next generation of the SAS 70 standard and was created (and is administered by) the American Institute of Certified Public Accountants (AICPA). It is a key indicator to the marketplace that systems and best practices for uptime and data center security are in place and followed by the service provider.

When a SOC 2 certification is issued to a data center provider by a reputable auditor, that certification serves as the building block for compliance for customers of that data center. It confirms to the customers’ auditors that the procedures and practices of the data center provider meet or exceed current operational and security standards. The SOC 2 certification is conveyed to the customers through their relationship with the service provider.

Direct LTx undergoes ongoing SOC 2 audits, which come with ever-increasing requirements. The SOC 2 certification we have earned due to our security and high availability practices and procedures directly benefits Direct LTx customers, as that certification serves as a foundation for customer compliance frameworks such as PCI DSS or HIPAA. 

If you have questions about SOC 2 certification and how it can be a keystone of your organization’s compliance needs, Direct LTx would be happy to discuss them with you. Email us at strategy@directltx.com to find out how we can assist in meeting your organization’s compliance goals.