CloudLock Completes SOC 2 Type 2 Certification, Elevating the Standard for Securing Information in the Cloud
September 9, 2013
Grazed from MarketWire. Author: PR Announcement.
CloudLock, the leading information security suite for enterprises using cloud platforms, announced it has successfully completed the Service Organization Control (SOC) 2 Type 2 audit. A leading independent auditor, EY (formerly Ernst & Young) conducted the audit, which verifies that CloudLock’s information security practices, policies, procedures and operations meet or surpasses the rigorous SOC 2 standards for security, availability, and confidentiality.
"Completing the SOC 2 Type 2 audit demonstrates our ongoing commitment to security and underscores the investment we’ve made to keep our customers’ data and systems safe," said Gil Zimmermann, CloudLock CEO and co-founder. "Our customers rely upon us to secure their more than 1.5 million users, who are responsible for creating the more than 55 million files currently stored in public cloud domains. Organizations faced with compliance requirements around sensitive data, like PCI, PII, and IP, can leverage CloudLock’s SOC 2 Type 2 as part of their compliance strategy."…
Why is SOC 2 Type 2 Important to Our Customers?
Service providers must demonstrate that they have adequate controls of data protection technologies and processes. The SOC 2 Type 2 report puts strict audit requirements in place and sets a high bar with a more meaningful audit standard then SAS70 or SSAE 16 SOC 1. The same audit report used by Amazon Web Services and Google, SOC 2 validates the security of infrastructures and services and is rapidly becoming an industry standard.
"The certification sets CloudLock apart from other ISVs in the growing cloud ecosystem. Our customers, which range from the world’s largest enterprises to SMBs, can be assured that the highest level of internal controls and security are established and maintained," said Ron Zalkind, CloudLock CTO and CISO.
The importance of auditing is also recognized and encouraged by Gartner. "Cloud computing is a powerful tool for IT and businesses. Public cloud computing can be adopted safely and sanely. However, enterprises must do their homework, and avoid taking blind leaps of faith; otherwise, they will run huge risks with their mission-critical data, applications and processes," said Gene Phifer and Jay Heiser in their report "Look Before You Leap Into Cloud Computing", 12 June 2013.