Sage Intacct expands system and data security certifications
When you work with Sage Intacct, you entrust us with your company’s highly confidential business information. We take that seriously and wanted to take a moment to update our users regarding the recent completion of our first SOC 2 Type II attestation.
Sage Intacct has a variety of tools and procedures in place that are designed to prevent unauthorized programs, systems, and users from gaining access or control of system processes, resources, and data. As a background, Sage Intacct currently has SSAE 18 (SOC 1 Type II), PCI-DSS, and Privacy Shield certifications, and this SOC 2 Type II certification is a new (and welcome!) addition.
Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 Type II is applicable to service providers that are using the cloud to store customer data – which essentially includes any and every SaaS company, along with any organization that utilizes the cloud to store customer information.
The AICPA has established wide-ranging criteria for handling customer data grounded on five “trust service principles.” To achieve SOC 2 Type II companies are required to pass the security principle, and are additionally encouraged to establish and follow strict information policies and procedures on all five, which include:
1. Security
2. Availability
3. Processing integrity
4. Confidentiality
5. Privacy
Sage Intacct’s SOC 2 Type II certification was issued by outside auditors based on the systems and processes in place. By receiving SOC 2 Type II certification, Sage Intacct has proven that our customer’s information security measures are in line with the unique parameters of today’s cloud requirements.
While SOC 2 Type II compliance isn’t a requirement for SaaS and cloud computing vendors, Sage Intacct is proud to add this certification as one more proof point to the extensive commitment to security we offer each and every user.
Ask the author a question or share your advice