Home
Topics
Cloud Computing Compliance, Audit and Data Governance
Evaluating Cloud Computing Providers
Soc 2 (Service Organization Control 2)

Definition

Soc 2 (Service Organization Control 2)

Soc 2, pronounced "sock two" and more formally known as Service Organization Control 2, reports on various organizational controls related to security, availability, processing integrity, confidentiality or privacy. The standard for regulating these five issues was formed under the AICPA Trust Services Principles and Criteria.

See also: Soc 1

Related glossary terms: Cloud Controls Matrix, cloud computing, Security, Trust and Assurance Registry (STAR) , Computación en la nube

Contributor(s): Alex DelVecchio

This was last updated in April 2012

Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchCloudSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Cloud API security risks: How to assess cloud service provider APIs

The CSA says cloud API security is a top threat to cloud environments. Expert Dave Shackleford explains how to assess the security of providers' APIs.
The other cloud atlas: Building a cloud service provider inventory

Struggling with rogue cloud usage? Ed Moyle explains how and why a cloud service provider inventory can help manage multiple cloud service providers.
Cloud security panel discusses transparency, Notorious Nine at RSA

A panel of cloud security experts fielded questions on cloud provider transparency, the CSA's Notorious Nine report and more at RSA Conference 2013.

Articles

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Research More Tech Terms

Search thousands of tech definitions
Browse tech definitions
Browse Alphabetically:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
- #

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

Powered by WhatIs.com

More from Related TechTarget Sites

Security
Security Channel
Security UK
Cloud computing
Server Virtualization
VMware

Security
- Using network flow analysis to improve network security visibility
  
  To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility.
- Sourcefire updates malware detection, malware analysis capabilities
  
  New features for detecting and analyzing malware in Sourcefire's FireAMP and FirePOWER products supplement flagging signature-based antimalware.
- Information Sharing and Analysis Centers: Getting started with ISACs
  
  Joe Granneman explains how ISACs enable cybersecurity information sharing and the basic requirements for joining an ISAC.
Security Channel
- Websense Partner Program
  
  Learn about bandwidth management vendor Websense's partner program in this standardized checklist.
- Tripwire, Inc. Partner Program
  
  Learn more about configuration control software vendor Tripwire, Inc.'s partner program in this standardized checklist.
- Configuring privilege levels
  
  This section of the chapter excerpt focuses on supporting multiple administrative levels of router configuration.
Security UK
- Infosecurity 2012: IPv6 challenges to network security
  
  In this video interview, Ian Kilpatrick of Wick Hill discusses the IPv6 challenges that small and medium businesses are just beginning to address.
- Apache DDoS vulnerability requires immediate update to avoid threat
  
  Apache has released an updated version of its Web server to address a DDoS vulnerability, for which exploit tools have been found in the wild.
- Learn how to utilize a free spam-filtering service for your SMB
  
  Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise.
Cloud computing
- VMware charges into public cloud IaaS fray as Dell exits
  
  Dell will discontinue its OpenStack and VMware vCloud-based public cloud offerings as VMware delivers its vCloud IaaS.
- Cloud migration obstacles remain for heavily regulated industries
  
  Financial, government and healthcare industries must overcome data security breaches and regulatory issues for a successful cloud migration.
- Converging private PaaS, IaaS: The next generation of private cloud
  
  Most IT pros build private clouds using IaaS but forget to consider developers. Convergence with private PaaS could meet needs, but not for all apps.
Server Virtualization
- Strike a common-sense balance when deciding what to automate
  
  Consider the many factors that determine the potential return on investment when deciding when and what to automate.
- How can I enable automated VM resource provisioning?
  
  As with many other facets of virtualization, VM resource allocation is becoming automated. Find out what tools you can use for automated provisioning.
- Columbia Sportswear's move from virtualization to private cloud computing
  
  Columbia Sportswear parlayed server virtualization into a private cloud. Along the way, it found that its management tools needed serious rethinking.
VMware
- Tough Metro vMotion requirements make for a dream infrastructure
  
  VMware's Metro vMotion requirements for networking, storage and vCenter keep live VM migration between data centers just a dream for most IT shops.
- IT, meet security: Why vSphere security is all about collaboration
  
  Strong vSphere security comes from collaboration and the right server virtualization security tools and processes.
- How the VMware Hardware Compatibility Guide keeps everyone safe
  
  Enterprise IT is a balancing act between new innovative gadgets and proven tools. Find the middle ground with the VMware Hardware Compatibility Guide.

All Rights Reserved,Copyright 2011 - 2013, TechTarget