As of December 2020, eFileCabinet has qualified for a SOC 2 Type 1 compliance certification. Customers can now request a copy of this report for their own auditing purposes. 

This certification establishes that eFileCabinet meets the standards laid out by the American Institute of Certified Public Accountants (AICPA)’s five principles of Trust Services Criteria principle of security and has been certified by a qualified, third-party auditor.

What is SOC 2, and what makes it so important? This audit and certification was created by the AICPA to apply to any business that provides cloud services to transfer or store another business’s data.

The SOC 2 audit follows the principles established by the Trust Services Criteria (TSC). 

The five principles of TSC are:

  • Security: Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could compromise the availability, integrity, confidentiality, and privacy of information or systems and affect the entity’s ability to meet its objectives.
  • Availability: Information and systems are available for operation and use to meet the entity’s objectives.
  • Processing integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
  • Confidentiality: Information designated as confidential is protected to meet the entity’s objectives.
  • Privacy: Personal information is collected, used, retained, disclosed, and disposed to meet the entity’s objectives.

The difference between the two types of SOC 2 reports is that Type 1 is representative of a specific point in time, while Type 2 is for a period of over 6-12 months. Type 1 is the faster report to generate.

SOC 2 certification is key for cloud businesses to improve trust and accountability to customers. For businesses that handle sensitive financial data, especially that of clients, it provides assurances that their service provider has all the proper controls when transferring and storing that data. It lets them know that you have protections and  plans on how to face potential threats.

To begin the process of obtaining eFileCabinet’s SOC 2 Type 1 report, please contact your account executive.