OneNeck Completes SOC 1 Type 2 Audits

Channel partners frequently act as that "one throat to choke," and they strive to ensure there's no reason for customers to get the noose. And in that vein, OneNeck IT Solutions has taken a step to prove to customers, both potential and existing, that it has what it takes to avoid a good strangling.

Aside from this writer's tiring attempt to make a funny based on OneNeck's corporate brand, the cloud hosting provider and IT solutions company has achieved something that likely will become increasingly common in the future. OneNeck successfully completed the American Institute of Certified Public Accountants Statement on Standards for Attestation Engagements (SSAE) 16, SOC 1 Type 2 audits.

What that means is OneNeck opened up its books, policies and processes to an accounting firm. SSAE 16 specifically focuses on procedures, including physical and environmental equipment security, problem management, technical support, customer ordering/service delivery, network equipment monitoring and organization and administration.

SOC 1 (aka Service Organization Control) focuses on internal controls at an organization that are relevant to financial reporting. The Type 2 report focuses on the fairness of the presentation of management's description of the service organization's system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period.

What all of this means is a potential for differentiation in the market.

"Our customers find the SSAE 16 beneficial to meeting their own compliance needs," said Clint Harder, CTO and senior vice president of Product Strategy at OneNeck, in a prepared statement. "Instead of duplicating the same auditing steps, our customers can focus on growing their business knowing that the processes and procedures behind the services they receive from OneNeck have been audited and tested by an independent third party. It's just part of our commitment to providing the best security and service available in the industry."

With more and more cloud companies coming online and marketing a variety of services, third-party validation is likely to become more important in the future—not just in differentiation, but in some cases, even being considered as an end-customer option. Providers can say all they want about their services, but backing it up through the scrutiny of an audit adds a little punch to the claims.