ManagedWay Data Centers Now SOC 2 Compliant

TROY — ManagedWay, a Troy-based provider of cloud computing, fiber optic internet and colocation services, has announced that it had completed the SOC 2 Type II audit, a rigorous third-party review of the company’s security, software, people, procedures and infrastructure.

SOC (Service Organizatdion Controls) Type 2 certification focuses on an organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and the privacy of a system, as opposed to SOC 1, which focuses on financial reporting controls.

“Data transport, storage and security is a complex and competitive business,” said Robert Sanders, president of ManagedWay. “Each company claims to have robust safeguards in place, but how is the consumer supposed to know if they really do? SOC II compliance is the mechanism that makes this distinction and gives customers absolute trust in the effectiveness of our controls.”

SOC 2 Type II certification is based on five ‘Trust Services Principles and Criteria’
* Security: The ManagedWay system is protected, both logically and physically, against unauthorized access
* Availability: The ManagedWay system is available for operation and use as committed or agreed to
* Processing Integrity: ManagedWay system processing is complete, accurate, timely, and authorized
* Confidentiality:  ManagedWay information that is designated “confidential” is protected as committed or agreed
* Privacy: Personal information is collected, used, retained, and disclosed in conformity with the commitments in the ManagedWay’s privacy notice and with the privacy principles put forth by the American Institute of Certified Public Accountants

ManagedWay operated date centers in Troy and Byron Center, a suburb of Grand Rapids.

“Ten years ago, managed hosting was like the wild west, with lots of start-ups and few regulations,” Sanders said. “It’s a much more sophisticated industry now, and SOC 2 Type II compliance is crucial distinction to validate internal processes and know-how. It also provides an important stepping stone for clients to meet their compliance requirements, including HIPPA, FTC, SEC, ERISA, SOX, FMLA, FLSA to name just a few.”

For more information, visit

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.