Contact Us
Subscription Login
Call: 1-800-974-8099

What Does SOC-2 Compliance Mean?

a chain with a padlock that says abus 65/50 on it

Click image to view full size.

Survey & Ballot Systems (SBS) provides Associations, Unions, Cooperatives, Credit Unions, and other Member-Based Organizations with reliable software and services to conduct credible surveys and electionsData security is vital to our work as a trusted service provider for a wide range of election needs. While it may be easy for companies to claim they have top security measures, it is also important for clients to know how their service providers comply with industry standards.

One way to ensure the implementation of quality data security controls is by complying with Service Organization Control Type 2 (SOC-2) standards. SOC-2 is a set of guidelines developed by the American Institute of Certified Public Accountants (AICPA) for third-party service providers. It’s a template for cybersecurity compliance designed to ensure proper storage and processing of client data.

Understanding SOC-2 Compliance

In the context of our work at SBS, SOC-2 compliance in voting regulates the security, integrity, and confidentiality of all data collected, processed, and stored by our software programs. SOC-2 also plays a crucial role in:

  • Organization oversight
  • Internal corporate governance and risk management processes
  • Vendor management programs
  • Regulatory oversight

This level of compliance is essential when looking for a vendor, especially one that handles your member and voter data. Our strict adherence to the SOC-2 framework helps you feel confident that all voting data remains secure and confidential, while still providing you with the convenience of a third-party election.

The Principles of SOC-2

SOC-2 has a predefined set of conditions that companies must meet. Service providers can create tailored security solutions for their respective programs, provided they meet the five basic principles of SOC-2:

  1. Privacy: Any personally identifiable information gathered, stored, processed, and disclosed by the service provider must meet governing policies on data usage and privacy. These details include members’ and voters’ names, ages, contact information, and Social Security numbers, which SBS hosts through private data centers.
  2. Confidentiality: To ensure confidentiality, data access must be limited to a specific group of people. We offer industry-leading Symantec® Transport Layer Security encryption to protect voter data.
  3. Availability: Systems must be able to accommodate high traffic without crashing. Our security features include disaster recovery plans for secure software and processes.
  4. Security: SOC-2 requires data and systems protection against external or unauthorized access, like our top-level authentication protection programs at SBS.
  5. Processing integrity: All systems must function according to design, without delays, bugs, or errors. We address this requirement through ongoing vulnerability assessments, including daily malware scans.

The Benefits of SOC-2 Compliance

SOC-2 reporting goes beyond data privacy. It also benefits institutions and organizations in other ways, including:

  • Improved security: SOC-2 gives you a better outlook toward overall security. It raises awareness for organizations and makes you more critical of the systems and processes you implement within your circle.
  • Reputational protection: SOC-2 compliance proves your commitment to ensuring data protection. This gives your members confidence in your capacity to safeguard their personal information, encouraging them to participate in elections and internal surveys.
  • Added trust: SOC-2 compliance builds trust with people who are conscious of security. Whether you’re looking to increase voter turnout in your elections or recruit more individuals to participate in surveys, having a secure system can help.
  • Time and money savings: A SOC-2 report saves you a lot of time and money in the long run. The certification also makes it easier to reassure members of their protection.

Choose a Partner With Superior Data Security Measures

SBS is a leading provider of turnkey solutions for third-party surveys and elections. Our wide range of services and software programs provide various organizations and institutions with secure processes to conduct credible and independent online elections. Contact us to learn more about our security measures and services.