VERMEG affirms its Customer Commitment with SOC 2 certification

VERMEG affirms its Customer Commitment with SOC 2 certification

2021-09-06 - Worldwide

aicpa for the blog

With a focus on continuous service improvement and after successfully obtaining ISO/IEC 27001 accreditation, VERMEG further enhanced its security policies and procedures by additionally embracing the SOC 2 standard to increase the level of security of its already resilient SaaS offering.

VERMEG now proudly announces it has achieved SOC 2 certification.

What is SOC 2?

SOC 2 (Systems and Organizations Controls 2) is both a security control framework and an audit procedure. It’s specifically designed for service organization processing and storage of customer data in the cloud.

For more details, please refer to the SOC2 FAQ in AICPA (American Institute of Certified Public Accountants) web site.

Why SOC 2?

VERMEG is actively expanding its existing SaaS offerings to cover additional products and geographies. SaaS is becoming one of the main channels for VERMEG to offer services to customers. The last twelve months saw a significant increase in the number of customers subscribing to or switching to a VERMEG SaaS offer.

By engaging in the SOC 2 initiative, VERMEG offers more assurance to SaaS customers relating to the efficacy of its security controls ensuring data is safely processed and stored.

What does it mean for VERMEG’s customers?

SOC 2 accreditation provides an additional layer of confidence to customers that VERMEG’s security controls have been externally audited and confirmed as compliant with the SOC 2 standard.

soc 2 graphique

What does the SOC 2 report cover?

The VERMEG SOC 2 report describes the various security controls and processes used to secure customer data and make this data consistently available to customers. It details the precise software infrastructure and processes used to achieve data security and availability. A sample of the controls covered in the report are:

  • System monitoring and ongoing risk assessments
  • Internal access control to production environments
  • Disaster recovery, data backup, and incident response processes
  • Software change management fulfilling internal functions segregation of duties and communication to customers.

These are just some of the many practices detailed in the VERMEG SOC 2 report—but the commitment to the privacy and trust of customers doesn’t stop there; As part of its ongoing dedication to data security and availability, VERMEG consistently and critically reviews how it collects, manages, and secures customer data. As part of that process VERMEG will obtain and renew the SOC 2 Type II certification report each year. If you’re a current or prospective customer and wish to view the full report, you can request a copy from your VERMEG account representative.

This SOC 2 report is just one of many ways that VERMEG commits to providing the highest quality of service to customers.