As data breaches and targeted attacks on Managed Service Providers (MSPs) present a massive threat, enterprises are asking for assurances on data security. Regulatory compliance, such as SOC 2, is rapidly becoming a “must-have,” not a “nice to have.”
For MSPs, SOC 2 is considered the gold seal of approval in compliance for the secure handling of data, and a critical differentiator that can help win new business. Obtaining SOC 2 can be a lengthy journey that requires a dedicated compliance team, regular internal audits and vulnerability assessments, and engaging an independent third party assessor to perform semi-annual audits.
Tehama successfully maintains SOC 2 Type II compliance for three of the Trust Services Principles: security, availability and confidentiality. By using the Tehama Platform and taking advantage of Tehama’s SOC 2 compliance, Pythian was able to transition over one hundred of their security controls to Tehama, such as data encryption and strong access control, and achieved SOC 2 Type II compliance in a rapid timeline.
This is a great example of an MSP leveraging Tehama to strengthen their security posture, while reducing the overall cost of maintaining an audit program.
“Tehama is central to Pythian’s SOC 2 compliance program. Offloading access, encryption and availability controls to Tehama has allowed Pythian to focus where we want to spend our time, on our customer processes.”
— Marc St. Louis, VP Security and Technical Services, Pythian
To learn more about Tehama’s SOC 2 Type II compliance and how the platform can help strengthen your security posture, contact us today.
About the Author
Director of Compliance and Program Management
Manisha is a tenured program manager with over ten years of program and project management. At Tehama, she developed and delivers the Tehama Compliance Program, which led the service through its first SOC 2 Type I and then Type II audit successfully. Previously, she was part of Pythian’s Services business unit, helping lead its client and internal projects. She has also worked for various large corporations and as a technical consultant for enterprise software. Manisha has a Bachelor of Science from York University, a Masters Certificate in Project Management, and is a certified Project Management Professional.