Achieves SOC 2 Type 2 Certification at Mission Critical Data Centers

ANEXIO, a provider of mission critical infrastructure solutions, announced it has successfully completed the Service Organization Control (SOC) 2 Type 2 audit.

A leading independent auditor, conducted the audit, which verifies that ANEXIOs information security practices, policies, procedures and operations meet the SOC 2 standards for security, availability, and confidentiality.

“Completing the SOC 2 Type 2 audit demonstrates our ongoing commitment to security and underscores the investment we’ve made to keep our customers’ data and systems safe,” said Tony Pompliano, ANEXIO CEO “Our customers rely upon ANEXIO’s multiple Data Centers in Northern VA, and the NY Metro area to provide highly secure, ultra-performance and resilient data center centric solutions for mission critical applications and systems. Organizations faced with compliance requirements around sensitive data, like PCI DSS, FISMA, and HIPAA, can leverage ANEXIO’s SOC 2 Type 2 as part of their compliance strategy.”

Why is SOC 2 Type 2 Important to Our Customers?

Service providers must demonstrate that they have adequate controls of data protection technologies and processes. The SOC 2 Type 2 report puts strict audit requirements in place and sets a high bar with a more meaningful audit standard then SAS70 or SSAE 16 SOC 1. The same audit report used by Amazon Web Services and Google, SOC 2 validates the security of infrastructures and services and is rapidly becoming an industry standard. “The certification sets ANEXIO apart from other traditional Managed IT firms in the growing cloud ecosystem. Our customers, which range from the world’s largest enterprises to SMBs, can be assured that the highest level of internal controls and security are established and maintained,” said Jim Griffin, ANEXIO SVP Service Delivery.

The importance of auditing is also recognized and encouraged by Gartner. “Cloud computing is a powerful tool for IT and businesses. Public cloud computing can be adopted safely and sanely. However, enterprises must do their homework, and avoid taking blind leaps of faith; otherwise, they will run huge risks with their mission-critical data, applications and processes,” said Gene Phifer and Jay Heiser in their report Look Before You Leap Into Cloud Computing.

About SOC 2 Type 2

The Service Organization Control (SOC) 2 Report is performed in accordance with AT 101 and based upon the Trust Services Principles. The Trust Service Principles which SOC 2 is based upon are modeled around four broad areas: Policies, Communications, Procedures, and Monitoring. Each of the principles have defined criteria (controls) which must be met to demonstrate adherence to the principles and produce an unqualified opinion (no significant exceptions found during the audit). The audit includes a full assessment of:

  • Security: Data centers are protected against unauthorized access (both physical and logical).
  • Availability: Data centers are available for operation and use as committed or agreed.
  • Processing integrity: Processing is complete, accurate, timely and authorized.
  • Confidentiality: Information designated as confidential is protected as committed or agreed.
  • Privacy: Personal information is collected, used, retained, disclosed and destroyed in conformity with privacy principles issued by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA). Trust principles predefine the criteria businesses must meet, making it easier for business owners to know what compliance needs are required and for users of the report to read and assess the adequacy. For more information about SOC 2 audits, see the American Institute of Certified Public Accountants website.


ANEXIO is an accredited provider of cloud and managed IT business services, delivering a broad range of advanced & innovative IT services to small, mid-size enterprise organizations, including mission critical infrastructure solutions. ANEXIO is an expert on managing customer premise legacy IT infrastructure and transitioning users to highly secure & reliable cloud based solutions. The company serves several key industries including Financial Services, Healthcare, Technology, Professional Services and Entertainment and Media.