We’re Serious About Security: SABX is SOC 2 Compliant

Dec 1, 2021

SABX is proud to be SOC 2 compliant, a significant third-party validation of SABX’s internal and external processes. Awarded only after a rigorous audit of our system and organization controls, SOC 2 compliance confirms our data security at every level — from our development process, to how our IT team operates, even extending to our HR policies, procedures and onboarding.

At SABX, we hold ourselves to strict security standards to ensure our customers’ data is protected. We intend for SABX :: Seller and Buyer Xchange to be the most secure B2B and wholesale commerce platform for companies who invest their trust, time, and resources in our tools — and we’re always looking for ways to bring our security standards to the next level.

What is SOC 2?

SOC stands for Service Organization Controls, a series of accounting standards set by the American Institute of CPAs (AICPA). These standards are widely recognized as the best-in-class practices for how companies who handle customer data should protect it.

AICPA developed SOC 2 standards specifically to meet the growing needs of technology companies classified as service organizations for SOC reporting. These include entities such as data centers, IT managed services, software as a service (SaaS) providers like us — and other technology and cloud-computing-based businesses. 

When a company is SOC 2 compliant, it means an independent auditor reviewed their operations and confirmed that they meet the criteria prescribed by the AICPA for up to five Trust Services Principles:

  • Security: The system is protected against unauthorized access (both physical and logical).
  • Availability: The system is available for operation and use as committed or agreed.
  • Processing Integrity: System processing is complete, accurate, timely, and authorized.
  • Confidentiality: Information designated as confidential is protected as committed or agreed.
  • Privacy: Personal information is collected, used, retained, disclosed, and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and Canadian Institute of Chartered Accountants (CICA).

What Does Our SOC 2 Compliance Mean for You?

Because SABX is SOC 2 compliant, you can be confident we follow the highest standards of security.  A third-party has independently verified that we reliably and securely maintain the confidentiality, availability and integrity of your data assets.

Any time your company uses a third-party vendor for services that include collecting, processing or retaining your business information, you should ask whether they are SOC2 compliant, as it ensures a higher standard for protecting your data and keeping it secure over time.

SABX decided to undergo the rigorous process of fulfilling SOC 2 compliance to be a trusted partner for our existing customers and for the many who will come on board in the future. We’ll continue to invest heavily to ensure the data and information our customers entrust to us is safe, secure and always available.

SABX is SOC 2 Compliant - AICPA SOC Logo