F5 Distributed Cloud Services are SOC2 Type II Compliant
A SOC 2 Type II report is a Service Organization Control (SOC) report that focuses on the American Institute of Certified Public Accountants (AICPA) trust principles. It generally examines a service provider’s internal controls and systems related to security, availability, processing integrity, confidentiality, and privacy of data. These reports can play an important role in providing oversight of an organization, vendor management programs, and regulatory oversight. A Type II report covers both the suitability of an organization's controls and its operating effectiveness over a period of time.
At F5, the SOC 2 Type II report helps meet the needs of our customers who need detailed information and assurance about the controls at F5. It offers evidence to our customers that we are implementing the security controls that we say we do and that those controls are working as intended. Without eyes and ears across the cloud, it is difficult to assess how secure the information is in the hands of third-party vendors and a SOC 2 Type II report offers this peace of mind.
Of the five trust principles that an organization can choose to follow, SDC is certified for the security, availability, and confidentiality of the information processed by our systems.
Each trust principle lists control objectives which the organization decides how it wants to meet these control objectives. SOC 2 trust principles are modeled around:
Applicable Products: F5 Distributed Cloud, Bot Defense, and Silverline
