The upward trajectory of remote work has been steepened by COVID-19. For some credit unions and banks, virtually all of their staff are now working remotely. Lots of behind the scenes technology must come together and sing in harmony to allow the current state of remote work. But that's not all — this technology needs to be secure and reliable. How do financial institutions, especially smaller ones, know if technology providers fit the bill? That's where SOC certified providers come in.
Continuity Plans Accelerated
By regulation, all financial institutions must have a continuity plan in place. These plans also extend to providers. COVID-19 has amplified everything. Financial institutions will be going through their current plans and adding additional contingencies. This second look will include providers' plans.
While the FDIC did not see COVID-19 coming, they did issue technology provider contract guidelines back in April of 2019.
What Is SOC Certified?
SOC stands for Service Organization Control and is governed under the AICPA. From the AICPA's website:
SOC for Service Organizations reports are designed to help service organizations that provide services to other entities, build trust and confidence in the service performed and controls related to the services through a report by an independent CPA.
SOC reports are independently audited. They are a level of protection and standardization for service providers that financial institutions can have confidence in.
Are The Big Names SOC Certified?
Some of the largest cloud providers are Amazon and Microsoft. Are they SOC Certified? Yes. Below are SOC-specific links to both:
Of course, cloud isn't the only service needed for remote working. VPNs, which are private networks, are also an important component. Verifying that a VPN provider is SOC certified ensures another strong link in the remote work infrastructure chain.