Reinforcing Our Commitment to Security
Razor Technology has successfully obtained its SOC 2 Type II certification for 2022, our third year in a row. This investment in transparency provides greater assurance to our partners that we are building and deploying consistent, auditable, and repeatable security programs.
With the proliferation of cyberthreats, social engineering attacks, and the escalating cost of a breach, trust is at an extreme premium in IT today. Razor Technology works at the forefront of industry standards for delivering security controls. We protect every endpoint and ensure our data and the data we manage for our partners is secure at rest, in transit, and when being used.
As a trusted managed services provider and cloud solutions expert, nothing is more important than protecting and defending digital assets in a manner that is clear and understandable to our partners but completely opaque to attackers.
SOC 2 compliance is one of the most respected and rigorous security frameworks for ensuring that a service provider is actively and effectively protecting the interests of both itself and its clients. It is a standard developed by the American Institute of CPAs (AICPA), the largest trade organization of accountants in the U.S., and is based around five core Trust Service Principles (TSP):
1. Security
Preventing unauthorized access, system abuse, and data exfiltration or adulteration.
2. Availability
Adherence to Service Level Agreements (SLA) as to minimum acceptable performance, particularly in relation to uptime.
3. Processing Integrity
Delivering data that is authorized, complete, accurate, and timely — while monitoring data streams for errors.
4. Confidentiality
Restricting data to specific individuals and groups, such as private intellectual property to authorized employees, and encrypting all confidential data when in transit.
5. Privacy
Protecting Personally identifiable information (PII) in compliance with the AICPA’s generally accepted privacy principles (GAPP), such that private information is securely collected, used, and disposed of, and that proper disclosures are made of its handling.
Trust, but Verify
SOC 2 Type I is an audit for a very brief period, typically just a single day. SOC 2 Type II, by contrast, is a long-term, rigorous auditing process that investigates security procedures for a period of months. It’s an expensive and exacting process, but in today’s fraught security landscape, it provides needed assurances that effective IT controls are in place to avoid emerging threats and respond to them should they occur, including:
- Real-time Process Monitoring
- Multi-factor User Authentication
- Behavior-based Intrusion Detection
- Encryption
- Disaster Recovery
In addition to high-level Trust Service Principles, the AICPA auditor examined the actual systems and protocols that Razor Technology utilizes to deliver digital services internally and externally, including our network infrastructure, software solutions and operating systems, personnel, databases, and automated procedures.
The audit process also included a gap analysis that looked for holes in our defensive posture, as well as independent reports attesting that our services and capabilities live up to their claims, performed to specification for the entire auditing period, and that our security controls proved effective at preventing intrusions.
Our partners depend on us to secure their mission critical systems, networks, and data from all threats and digital risks. SOC 2 Type II certification is proof positive that Razor Technology is not only equipped with the next-generation tools and best practices to keep them safe, but that we are consistent in our delivery of high quality digital services.
Thank you to everyone at Razor that helps drive our security policies and bolster our defensive effectiveness across our business verticals.
Razor Technology is your trusted IT managed service provider. Save time and money on your IT and cloud services by calling Razor Tech today.