Our customers, and your customers, demand assurances that the data we process on their behalf is protected. It’s a top-of-mind priority for every business leader nowadays, especially as the existential threat of data breaches becomes increasingly prevalent in buying decisions across our industry.
People like to see industry standards for data security, and the people of the American Institute of Certified Public Accountants (AICPA) have built one of the most comprehensive sets of those standards in the System and Organization Controls (SOC) for Service Organizations. Every SOC report is completed by an independent CPA firm to the specifications of the AICPA and can be a wealth of insight into how a service organization like Deft achieves key security and compliance objectives.
The SOC 2 report is all about trust. It defines the common criteria all providers need to adhere to in order to manage their customers’ data properly. The independent third party is there to assure the compliance of Deft with the common criteria and the specific Trust Service Principles we attest to following each year.
The SOC 2 report is also about consistency. That “Type II” you see after our report title means that not only does the auditor say our systems and controls are adequate right now, but that they were proven to be effective for the entire term of the audit report. Deft has demonstrated our consistency in security and proven to be trustworthy.
Each year we undergo an extensive audit by external auditors to test our compliance with our internal controls and security programs. And it’s not just one-size-fits-all when it comes to a SOC 2 report, either — Deft has achieved four out of the five possible Trust Service Principles that represent the types of services that we provide to you and your customers. Those four Principles are Security, Availability, Confidentiality, and Privacy, and all are indicative of our extreme dedication to the security of our clients and their data while under our care and control.
How can I get a copy of Deft’s SOC 2 Type II report?
Starting today, the report is available in our customer portal. Log into https://portal.deft.com and navigate to Documents > Compliance Reports. Because of the confidential nature of the information included in our SOC 2 report, access to the report is limited to authorized contacts. If you wish to share the report with more people inside of your organization, please open a ticket.