SOC stands for Service and Organization Controls, is introduced by AICPA
and is based on the Trust Services Criteria.
SOC 2 (Service and Organization Controls 2) is a type of audit report that attests to the trustworthiness of services provided by a service organization. It is commonly used to assess the risks associated with outsourced software solutions that store customer data online.
Kaleido has maintained SOC2 Type 2 compliance for three “trust service principles”—security, availability, and confidentiality.
With SOC2 compliance, the auditor confirms that the organization is following the controls that it has put in place and that the controls are appropriate to protect the interests of the organization and the privacy of its clients. For security-conscious businesses, SOC 2 compliance is a minimal requirement when considering a SaaS provider.