What are the client benefits of a certified managed service provider?
The Unified Certification Standard (UCS) for Cloud & Managed Service Providers is the benchmark for certified managed service providers. The principles found in this model make it the best way for evaluating cloud and MSP companies.
An SOC 2 Type 2 certification is a recognized auditing standard in the United States for service providers which demonstrates they have completed an in-depth audit of their control activities by an authorized outside third-party. It is accepted as the authoritative guideline for meeting various regulations across a wide range of industries.
This certification verifies that the provider’s claims regarding their controls in hosting and IT infrastructure services, security practices, physical and logical facility access, environmental controls, data backups, customer service practices, and management policies are assessed to be operating sufficiently.
When a managed service provider embraces the UCS standard as a platform for their operation and uses them as the foundation for their certification, it becomes an assurance for the client that their provider is handling client information technology in a best of class manner.
The direct benefits a client receives from a SOC 2 Type 2 certified provider is a third-party confirmation that:
- The services the provider promises and delivers are carried out in a controlled fashion. Their controls have been verified to be fair, secure, and properly designed to meet their intended purpose,
- The provider conducts its daily business in an accountable manner, and the provider is financially stable
These third-party reports are:
- Recognized independent assessments that the controls are operating effectively, and
- Available to the client for their use in complying with various regulating agency requirements (including Sarbanes-Oxley, HIPAA and others).
Mainstream Technologies is both SOC 2 Type 2 certified and MSP Alliance Cyber Verify certified. which assures our clients that we have passed the most rigorous audit standards in the industry today to protect their information assets in the most secure manner possible.
MSP Alliance Cyber Verify
The MSP Alliance’s mission is to promote the cloud computing and managed IT services Industry. The MSP Alliance created the Unified Certification Standard (UCS) certification for the managed services industry. It includes 11 core principles (objectives) of how an IT service organization should operate and is the best model for evaluating cloud and MSP companies. Developed for MSPs by MSPs, it’s the longest-standing program of its type in existence today.
The UCS has been reviewed by governmental agencies and regulatory bodies across the world and has become broadly accepted in the banking, healthcare, and accounting industries.
The 11 principles of the UCS are:
- Organization, Governance, Planning and Risk Management
- Documented Policies and Procedures
- Service Change Management
- Event Management
- Logical Security
- Change Management
- Data Integrity
- Physical and Environmental Security
- Service Level Agreements
- Customer Reporting and Billing
- Financial Health
SOC 2 Type 2 certification
The SOC 2 Type 2 certification is the Reporting Audit on Controls at a Service Organization by the AICPA (American Institute of CPAs).
According to the AICPA, this examination confirms that “management’s description of the service organization’s system fairly presents the system that was designed and implemented throughout the specified period.
The controls related to the control objectives stated in management’s description of the service organization’s systems were suitably designed throughout the specified period.
When included in the scope of the engagement, the controls operated effectively to provide reasonable assurance that the control objectives stated in management’s description of the service organization’s systems were achieved throughout the specified period.”
As with the UCS, the SOC 2 Type 2 is a confirmation that the services offered by the provider meet a minimum set of standards. Achieving these certifications demonstrates the provider’s commitment to helping their clients meet their business goals by fulfilling the regulatory obligations they are ultimately responsible for.
SOC 2 Type 2 Compliance:
- Demonstrates the Provider’s commitment to a high-quality level of service,
- Is inherently customer-focused, and by
- Combining the two demonstrates a best practice for cloud and managed service providers, which
- Will meet or exceed their clients’ information management needs…..as well or better than they can meet their own
Mainstream Technologies
Mainstream Technologies is both SOC 2 Type 2 certified and MSP Alliance Cyber Verify certified. Mainstream Technologies was the first managed service provider worldwide to achieve their UCS certification. Our President, John Burgess currently serves on the MSP Alliance Board of Advisors.
The SOC 2 Type 2 certification reports provide our clients with transparency in our operational structure, internal processes, control activities, and financial stability in standardized reports that meet many regulatory obligations including Sarbanes Oxley and HIPAA.
Mainstream Technologies is one of the fastest-growing IT companies in the Mid-South, serving clients from its headquarters in Little Rock, AR. Our staff of 75 serves business customers across the nation with Managed Network Services, Custom Software Development Services, Cybersecurity Services, and Data Center Services.
###