“By obtaining the SOC 2 Type 1 report, we are now able to provide an additional layer of verified security to our clients, assuring that the Vault solution is secured at all times and that we have the processes in place to ensure availability.”
Ledger Vault, which provides cryptocurrency storage tool for institution level investors and enterprises, runs a custody division under the parent Ledger company.
The SOC 2 audit assesses a company’s security through an audit, validating appropriate administration of client data by service based firms.
“As a proof of compliance to the AICPA auditing procedure, SOC 2 Type 1 report shows that a SaaS [software-as-a-service] firm has best practices in place,” as detailed by a blog post from RSI security.
The post stated “It gives potential customers the assurance that a service organization has passed the said auditing procedure, and that their data is safe if they work with the SOC 2-compliant company.”
On the contrary, a SOC 2 Type 2 audit sets the bar high, with tests being conducted against additional in-depth standards while necessitating an extended time horizon for an approval.
While carrying out the SOC 2 Type 1 analysis, Friedman scrutinized Ledger on several stages, including safety and disaster recuperation, and also loads of various technical parameters.
Ledger’s chief technology officer Charles Guillemet, said “Receiving this attestation is an achievement as it shows our processes and systems are streamlined, documented and overall secure.”
In the upcoming year, the company intends to secure a SOC 2 Type 2 clearance, as per info provided by Ledger CEO Pascal Gauthier.
The successful audit has happened months after Ledger’s database got exposed, revealing client data. The renowned hardware wallet firm fixed the bug following the occurrence.
Cryptocurrency exchange Gemini stated that it had cleared SOC 2 Type 2 trial earlier in January.