March 12, 2018

Forcepoint adds AICPA SOC 2 Type 2 report to its Cloud Trust Program

Allan Alford

We are delighted to announce that Forcepoint has received an AICPA SOC Type 2 report to add further depth to its Cloud Trust Program. AICPA (The Association of International Certified Professional Accountants) SOC standards establish the framework for examining controls at a service organization: SOC 1 reports focus on financial reporting, while SOC 2 and 3 reports focus on nonfinancial reporting controls relating to security, availability, processing integrity, confidentially, and privacy. SOC 2 also examines the details of datacenter testing and operational effectiveness.

This most recent audit was conducted by an independent audit body (Coalfire) approved by AICPA, and involves a rigorous review of Forcepoint’s Cloud security controls. The AICPA SOC 2 Type II audit included a full assessment of a company’s Cloud infrastructure, software, people, procedures, and data. 

AICPA SOC 2 reporting was specifically developed for cloud computing, SAAS and IT managed services, and addresses the five “Trust Services Principles”; security, availability, confidentiality, processing integrity and privacy.

What does SOC 2 mean for our customers?

In certain markets and geographies a SOC 2 report is required to do business. While our other certifications within our Cloud Trust Program including ISO 27001:2013 , ISO 27018:2014 (Cloud Privacy) and Cloud Security Alliance STAR bring value globally, the SOC 2 report delivers assurance for customers with stringent vendor due diligence programs.

Forcepoint continues to deliver best practice and build momentum with the combination of our strong partner community and world-class solution capabilities that organizations need in order to secure their cloud applications.






About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.