Multacom, a Los Angeles-based web host delivering colocation, dedicated servers, VPN and shared web hosting solutions, has announced that all of its data centers at 707 Wilshire Blvd. in Los Angeles, including its newest data center location, have successfully completed a Type 2 SOC 2 examination.
The scope of the examination covered Multacom’s colocation services as they relate to the SOC 2 principles of security and availability. The examination was completed by BrightLine CPAs & Associates, Inc., a company that is a CPA firm, a globally licensed PCI Qualified Security Assessor, an ISO Certification Body and a FedRAMP 3PAO.
The examination is an independent evaluation of the effectiveness of Multacom’s controls relevant to security and availability in its web hosting operations and its adherence to the Trust Service Principles of SOC 2, which are modeled around four areas: Policies, Communications, Procedures, and Monitoring. Each principle has specifically defined criteria and controls, which must be met to demonstrate compliance. These reports are intended for the stakeholders of an organization that need to understand the internal controls in place as they relate to security, availability, processing integrity, confidentiality and privacy.
“We felt it was very important to bring in a credible outside source to evaluate our standards,” said Kiarash Jahangiri, CEO of Multacom. “The rigorous evaluation by an accredited third party gives our stakeholders the objective information they need to understand our operational systems and infrastructure. They can now do their own due diligence and refer to this report to confirm we are meeting their own internal requirements and exigencies when it comes to security and availability.”
Type 2 SOC 2 Examination
SOC 2 reports are an alternative to SOC 1 (SSAE 16) specifically for organizations that hold and store information for clients, such as data centers and managed services. The Type 2 report is more involved than a Type 1 and is comprised of an examination over a period of time by a licensed CPA firm evaluating the suitability of the design and operational effectiveness of controls and systems in place, as well as testing and providing evidence of how these controls are used and implemented.
Security is evaluated based on the system’s protection against any unauthorized access or use, while availability is reviewed based on the system being available as stipulated in the organization’s agreement with clients. Some of web hosting provider Multacom’s commitments include on-site security and technical support 24 hours per day, a multi-tier access control system and 100% network and power uptime. Multacom will be completing the Type 2 SOC 2 examination for their data centers annually.