5 Best Practices for Becoming an AWS Migrations Competency Partner
Mission achieved the AWS Migration Competency. Learn more about their recommended best practices to attain this important AWS competency.
Mission is pleased to announce that it has recently passed its Service Organization Controls (SOC) 2 SM Type 2 audit.
A SOC 2 Type 2 report is the most comprehensive certification within the SOC protocol. Companies that earn this certification have demonstrated that their system is operationally effective at keeping sensitive data secure. In this blog post, we will explain how auditors measure success in assessing a company for SOC 2 Type 2 certification, the process Mission went through to get certified, and how this benefits customers.
For the SOC 2 Type 2 certification, third-party auditors assess the extent to which a vendor complies with one or more of five trust services criteria based on the systems and processes in place. The five criteria are:
Mission’s SOC 2 Type 2 certification process began with a kickoff meeting between key Mission stakeholders and a third-party auditor. In this initial meeting, Mission and the auditor reviewed the standards that would be evaluated, decided on the audit timeframe, and determined where we currently had gaps so we could prepare in advance of the audit.
The next part of the process is the validation phase. This is otherwise known as the audit phase. During the validation/audit phase, none of Mission’s processes were allowed to change. We had to validate our controls (by way of penetration testing, audits of logins and antivirus tools, and more) to demonstrate evidence within the audit timeframe that we handled security protocols correctly. Additionally, during the validation phase, the auditor maintained a procedure document which contained an audit of all users and credentials in our systems, as well as onboarding systems for employees and vendors.
In the final phase, the auditor gathered all of the evidence and compiled a comprehensive report, ultimately determining that Mission's policies, procedures, and controls met the standards required for SOC 2 Type 2 certification.
The SOC 2 certification carries significant importance both for Mission as a company well as for all of our customers we serve.
From the customer perspective, the SOC 2 Type 2 certification brings peace of mind and serves as a shortcut to building trust. It functions as proof that a cloud provider such as Mission prioritizes security and demonstrates from a non-biased, third-party source that Mission’s controls are living up to expectation. In addition, from the Mission perspective, the SOC 2 Type 2 certification is incredibly useful in that it provides an opportunity to benchmark ourselves against industry standards and keep up with evolving security best practices.
To learn more about our SOC 2 Type 2 certification, read our press release here.