Our focus is on sustainable growth in industries that need a secure, business-class file sharing solution. That’s why we’re excited to share our latest security and compliance verification: the Service Organization Control (SOC) 2, Type 2 report.
The SOC 2 report provides third-party assurance that the design of Citrix ShareFile, and our internal processes and controls, meet the SOC 2 standards for security, availability, confidentiality, and privacy.
How Customers Can Use the SOC 2 Audit
Audit reports, such as SOC 2, are often required by customers in regulated industries (i.e. banking, finance, insurance, and health care) as part of compliance and security guidelines.
Citrix ShareFile, like other cloud providers, operates on a Shared Responsibility Model (http://www.sharefile.com/blog/security-and-compliance-part-1/ and http://www.sharefile.com/blog/cloud-compliance-security-part-2/).
In short, it means that responsibility for our customers’ compliance needs is shared between Citrix and the customer.
Our SOC 2 report provides customers with independently verified assurance that the ShareFile system meets the strict audit requirements set forth by the American Institute of Certified Public Accountants (AICPA). The SOC 2 report is the de facto assurance standard for cloud service providers.
The report contains detailed information about the design & operation of the ShareFile system, and the controls that Citrix has in place to protect customer data. Customers can use this report as part of a vendor risk management program, or to augment their own compliance strategies. An objective third-party assessment, such as a SOC 2 report, provides more value than a self-assessment or a sales pitch. We are pleased to offer this to our customers as further validation of our commitment to security & compliance.
For more information about the Citrix ShareFile SOC 2 audit, please reach out to your sales or care representative.
For more information about what a SOC 2 audit entails, please see the AICPA’s site here: