Intermedia receives SOC 3 report for holding security practices, policies, procedures, and operations to the highest standards
As a leading cloud business applications provider, we take security and compliance very seriously. Our controls are designed and operationally effective to make sure that our customer data is always highly protected. That’s why today we are pleased to announce the successful completion of a SOC 3 examination, formally known as a Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy. The examination was performed by an independent CPA firm for the scope of service described below.
This report will make it easier than ever for partners, customers, and prospects to feel confident that their company data is safe and secure against the highest security standards.
SOC 3 reports are attestation reports that opine on controls at a service organization relevant to the security, availability, or processing integrity of a system (security, availability, and/or processing integrity principles) or the confidentiality or privacy of the information processed for the user entities (confidentiality or privacy principles). Intermedia’s SOC 3 report outlines our security and compliance practices, policies, procedures and operations, and is available to anyone on our website here.
What’s the difference between a SOC 2 and SOC 3 report?
Intermedia’s services and infrastructure are already SOC 2 audited. This means that our security and compliance claims have been tested through a comprehensive 3rd-party audit resulting in a 60-page report that outlines all the results in detail. This report is available to any partner, customer or prospect, but access requires the recipient to sign an NDA.
I asked Ryan Barrett, Intermedia’s VP of Security and Privacy, to share in his own words why Intermedia took this extra step to secure the SOC 3 report, and he had this to say:
“We want to be as transparent as we can with our partners and customers. A SOC 2 report outlines nearly every detail of our security procedures, including all our controls, our products, and all the brands that we use. This level of information can be a bit overwhelming and cumbersome. The SOC 3 condenses all the information that most customers would want to know from the SOC 2 report into an easily digestible 8-page summary that can accessed directly on our website. By going this extra step to secure the SOC 3 report, we’re removing the barrier of having to sign an NDA. We want to share information the best we can with our users, and the SOC 3 helps to facilitate that process that much faster.”
There you have it. The SOC 3 report is symbolic of this unqualified opinion that a provider has the enterprise level security controls – people, process and technology in place to keep customer data safe, secure and private. It also puts Intermedia’s cloud security among the likes of other SOC 3 report holders, such as Microsoft, Google, Salesforce and Amazon Web Services.
- Examination Scope: Intermedia Cloud PBX, Exchange Email, SecuriSync® and Intermedia AppID®
- Selected SOC 3 Principles: Security, Availability, and Confidentiality
- Review Period: January 1, 2017, to June 30, 2017
- Service Auditor: Schellman & Company, LLC
SOC 2 and SOC 3 are registered trademarks of the AICPA.