Ledger, an organization that is known to provide varying hardware wallet solutions has passed the System and Organization Controls or the SOC type 1 test with flying colors.
System and Organization Controls (SOC) reports help entities and individuals to feel confident about the service providers or potential service providers. It is to ensure that they are operating in an ethical and compliant manner. A good SOC report establishes the credibility and trustworthiness of the service partner. A SOC report is an independent, third-party validation of a service organization’s commitment to evidencing the design and effective operation of its controls.
Friedman LLP was the NewYork-based accounting firm that ran the SOC 2 Type 1 test on Ledger. After conducting its thorough evaluation, it said the following:
“By obtaining the SOC 2 Type 1 report, we are now able to provide an additional layer of verified security to our clients, assuring that the Vault solution is secured at all times and that we have the processes in place to ensure availability.”
The SOC 2 certification is issued by outside auditors only. They have a non-partial assessment to the extent to which a vendor compiles with one or more of the five trust principles based on the systems and processes in place. Trust principles are broken down into security, confidentiality, privacy, availability, and process integrity. In one of the popular blogs, it said;
“As proof of compliance with the AICPA auditing procedure, SOC 2 Type 1 report shows that a SaaS [software-as-a-service] firm has best practices in place. It gives potential customers the assurance that a service organization has passed the said auditing procedure, and that their data is safe if they work with the SOC 2-compliant company.”
A SOC 2 Type II Report is similar in nature to the Type I report as it provides a report on management description of a service organization’s system and the suitability of design and operatives. It lifts the benchmarks to a further high with far more in-depth indicators and standards and that which takes a bit longer than the usual.
Ledger examination by Friedman happened at different levels including security, disaster recovery strategy, and many other technicalities. Ledger CEO Pascal Gauthier said that getting this attestation is quite an achievement as it only showcases how well its systems are coherently placed and documented the way it should. It makes the overall system secure re-establishing the trust factor big time.
Ledger is a future-ready, fast-paced organization that develops and builds secure infrastructure solutions for cryptocurrencies and other blockchain applications for both companies and individuals. They leverage their proprietary technology to secure the new disruptive class of crypto assets.
The CEO of Ledger also added that after this achievement it was eyeing towards SOC 2 Type 2 approval which will take its standards even higher. A few months ago, Ledger had suffered a database leak that exposed the customer information. The organization had nipped the act in the bud by tackling the issue then and there.