Service Organization Control (SOC) Reports
When you are conferring about confidential data and migrating an important business process outside your organization, you need the assurance that data security is a top priority. Our SOC2/SOC3 reporting provides you that assurance.
The foundation of any business relationship is trust. With business now increasingly transacted over the Internet, it becomes more difficult to know with whom you are dealing, and this has the potential of exposing your business to unnecessary risk.
As a leading data processing and 1098-T service provider, we know that establishing a trusting relationship is the first thing we need to do for our customers. Our promise that your data will be secure and protected while in our custody is backed up by an audit performed on our organization by an independent CPA firm.
The SOC Audit
A Service Organization Control (SOC2/SOC3) Report is conducted by Plante Moran, the nation’s eleventh-largest public accounting firm. The Tab Service Company SOC2 report is a detailed analysis and objective evaluation of security, processing integrity and confidentiality.
The Tab Service Company report indicates that the underlying controls that demonstrate adherence to the principles were found to be adequate and functioning correctly. No exceptions were found and a clean opinion was issued.
Our SOC2 report is available to customers and prospective customers upon execution of a mutual Non-Disclosure Agreement.
Our SOC3 report is a summary version that documents assurances on controls related to the above principles but without the detailed description of tests and results contained in the SOC 2 report. Our SOC 3 report is available here: Tab Service Company SOC3 Report 2017.
The qualified pen testing team at HALOCK, a leading information security consultancy, regularly performs our penetration testing. Penetration testing identifies the vulnerabilities in computer systems that can provide access to hackers and other malicious attackers. The testing shows what an attacker can do, while simultaneously measuring the effectiveness of existing security controls.
The results of rigorous, comprehensive pentration testing are used to make recommendations for implementing countermeasures to prevent attacks from occurring and to meet our compliance requirements.
We receive a HALOCK Penetration Test Report that includes a summary of the findings, documentation of each vulnerability and recommendations for remediation. We take these detailed findings very seriously, and continually update our security controls. When you work with us, you can rest assured that all personally identifiable information (PII), including Social Security numbers, is secure.