Ozmo is pleased to announce it recently obtained Service Organization Control (SOC) Type 2 certification. This is an important step in demonstrating Ozmo’s ongoing commitment to provide trusted, secure and reliable services to customers.
What is SOC 2?
SOC 2 is a compliance framework developed by the American Institute of Certified Public Accountants (AICPA), introduced in 2010. SOC 2 includes five trust service principles:
- Security: protecting information and systems against unauthorized access
- Privacy: guarding sensitive personal information against unauthorized users and usage
- Availability: information and systems are available for use and meet SLAs
- Confidentiality: information is protected and made available only to authorized users
- Processing Integrity: system processing is complete, valid and accurate
These criteria require an organization to define related processes and reporting that demonstrates compliance with those processes. The guidelines also require controls addressing encryption, disaster recovery, access control and more.
SOC 2 certification
SOC 2 compliance is verified by an AICPA-approved third-party auditor. An audit validates the organization’s documented controls and reviews evidence the organization is following those controls throughout the audit period. The audit period is normally one year, with the audit itself taking six to eight weeks to thoroughly prove compliance.
After extensive review, Ozmo selected Thoropass as its SOC 2 partner. Thoropass assisted Ozmo with identifying process and reporting requirements along with helping organize process documentation and evidence collection. Thoropass’ partnership streamlined the compliance process and improved Ozmo’s overall security posture.
“Ozmo’s stated purpose is to make tech support simple. We gave them that same level of service by making attaining a SOC 2 report simple as well. Knowing that there’s a compliant company like Ozmo out there should make all companies feel better.”
Thoropass CEO Sam Li
Why this matters for customers
In this age of cloud computing and outsourcing, every part of the software supply chain is critical. As a service provider, compliance frameworks like SOC 2 provide assurance to customers that the solutions at hand are secure and reliable. This certification proves that Ozmo maintains a comprehensive approach to security and reliability over time.
Ozmo also produces complete architecture and data flow overviews which offer full transparency into how the company transmits, processes and stores customer information. Ozmo adheres to availability and performance SLAs to ensure reliability and performance of our services. These practices create an organization-wide culture of compliance, where all Ozmonauts understand and execute on their responsibilities while ensuring user privacy and security remains at the forefront.
Ozmo is committed to securing the trust and privacy of its customers. If you're interested in learning more about partnering with a business that prioritizes user privacy and security when it comes to technical support, request a demo with Ozmo’s team of experts today.