Tag Archive for: SOC Audit

Our SOC Audit Is Complete!

We are proud to announce that we completed our SOC 2, Type 1 Audit and are compliant with the AICPA’s Trust Service Criteria for Managed Service Providers.

An independent auditing firm did a thorough examination of PCR Business System’s security policies and procedures and concluded that we have the highest level of controls in place to protect your company’s privacy and sensitive data.

(Click here for more information about SOC Audits)

WHY THIS IS A BIG DEAL

To start, it means that you can rest assured knowing that we will keep your network and data safe from cyber-attacks. With the growing trend of managed service providers being hacked, you can’t take any chances with your Information Technology Company.

As we discussed in the article “The Wild West of IT Services,” the IT industry is unregulated. This means no one is watching over IT Service Providers and no one is keeping tabs on how they store and protect your network and data.

Therefore, you must do your homework to make sure you are working with an IT Company who has the highest security controls in place.

We chose to have the SOC Audit to reinforce that we provide the best IT services in Akron and to show our partners that we will continue to take whatever steps necessary to keep their trust.

Email us to read the full report!

The Wild West of IT Services

In 1878, William Bonney, aka “Billy the Kid,” along with a posse of gun-toting outlaws known as the “Regulators,” wreaked havoc in New Mexico as they fought for control of dry goods and cattle interests in Lincoln County. You may be familiar with the gang and their story from the movie Young Guns (and from the Warren G and Nate Dogg song, of course).

Many words come to mind when we think about the Old West and the era Young Guns depicted including lawless, wild, and dangerous. The gang took the name “Regulators” because they believed the lawmen in their county were corrupt. Despite their violent behavior they considered themselves “good guys” and sought to regulate the cattle monopoly and make sure justice was served.

Today, there are regulators in just about every industry we work with. None of them carry around side-arms or ride into our client’s offices on horseback, but they do instill fear with threats of legal actions and heavy fines if companies aren’t compliant.

Our clients are governed by laws and regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA); the Payment Card Industry Data Security Standard (PCI DSS), and the Federal Information Security Management Act (FISMA), just to name a few.

But strangely, the one industry we are most familiar (and the one in which we work) is the one that isn’t regulated at all—Information Technology Services, or IT Support.

There are no regulations or regulators in the IT Industry. IT service providers are not governed by compliance laws. It’s almost as if the IT industry is its own Wild West.  For fly-by-night companies, having little or no regulations is a wonderful thing. Any kid with a laptop can create a website and offer IT Services for Akron businesses. There’s no one looking over their shoulder to see what they’re doing with your passwords or client’s most sensitive information.

For businesses, this is a terrifying proposition. For all you know your remote IT guy is eating Cheetos and playing video games while he claims to be monitoring your network. There is really no way of knowing for sure.

Who’s watching over your IT service provider?

So what can you do to make sure you hire the right IT Provider?

1-Make sure you only work with an established company who has earned the trust of their clients over the years. PCR has been in business since 2004 and has partnered with over a hundred Akron area businesses during that time.

2-Have a conversation with your IT Service Provider. Can they answer the following questions?

  • Are they truly maintaining critical security updates for your IT systems? Have you outgrown their ability to adequately support you?
  • Are your IT systems truly secured from hackers, viruses and rogue employees?
  • Are your backups configured properly to ensure that you could be back up and running again fast in a disaster?
  • Are you unknowingly exposing your company to expensive fines and litigation under Ohio data breach laws?
  • Does your cybersecurity program conform to the new Ohio Data Protection Act.

3-***MAKE SURE THEY ARE SOC 2 CERTIFIED*** PCR Business Systems made the choice to get SOC 2 audited in order to give our clients peace of mind.

We are one of—if not the only— IT Service Provider in Northeast Ohio to be SOC 2 audited. That means we’ve spent the time and money to ensure what we promise to our clients—both in terms of the privacy and data protection protocols we follow, as well as the services we offer—is exactly what we deliver.

For more information schedule a FREE IT Discussion with me.

Pat Carroll

President, PCR Business Systems

Email me Directly