SoftLayer is the largest privately held Infrastructure as a Service with 13 data centers in the United States, Asia and Europe and it operates a global cloud infrastructure platform built for Internet scale. The company announced yesterday about its successful completion of Service Organization Controls (SOC) 2 Type II examination for the company’s 13 data centers. Weaver, an independent accounting and auditing firm has conducted the examination and assessed the processes, procedures and controls for security and availability at SoftLayer’s data centers for year ending October 31, 2012.
SoftLayer’s customers get assurance with the SOC 2 certification that the company meets audit levels for data protection and availability and it has effective operational controls. As part of their compliance strategy, organizations with certification and compliance requirements such as HIPAA and PCI DSS may request and control the SoftLayer’s SOC 2 Type II report. The SOC 2 certification is very vital for any Infrastructure as a Service (IaaS) provider who provides outsourced, mission-critical, and information technology services. The audit includes full evaluation of data center security, availability, processing integrity, confidentiality of information, maintaining privacy as per American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA).
A SOC 2 examination is well recognized certification and a Type II report not only includes the service organizations system description, but also includes detailed testing of the design and operating effectiveness of the service organizations controls. “SOC 2 exams are rigorous independent assessments, geared toward technology service providers, especially those running data centers,” said Val Stinson, director of compliance for SoftLayer. “With our successful completion of testing, we’re able to provide our customers with greater insights into our controls, procedures and systems for our entire portfolio of cloud based services. To date, approximately 100 customers have requested our SOC 2 Type II report as a part of their compliance efforts.”