Ledger, a crypto company providing a number of hardware wallet solutions, has obtained a successful System and Organization Controls (SOC) Type 1 test.
It has been reported that Friedman LLP, a New York-based accounting firm, ran the SOC 2 Type 1 test on Ledger.
However, a statement said:
“By obtaining the SOC 2 Type 1 report, we are now able to provide an additional layer of verified security to our clients, assuring that the Vault solution is secured at all times and that we have the processes in place to ensure availability.”
Ledger Vault operates as a custody wing under the broader Ledger company. The SOC 2 exam analyzes a company’s security by way of an audit, verifying the proper handling of customer information by service-based entities.
A blog post from RSI security explained:
“As a proof of compliance to the AICPA auditing procedure, SOC 2 Type 1 report shows that a SaaS [software-as-a-service] firm has best practices in place.”
The post added:
“It gives potential customers the assurance that a service organization has passed the said auditing procedure, and that their data is safe if they work with the SOC 2-compliant company.”
Likewise, a SOC 2 Type 2 exam raises the bar by testing against more in-depth standards while requiring a longer time horizon for a green light.
During the SOC 2 Type 1 analysis, Friedman investigated Ledger on a number of levels, including its disaster recovery strategy and its security, as well as a host of other technical specifics.
Charles Guillemet, the CTO of Ledger, said:
“Receiving this attestation is an achievement as it shows our processes and systems are streamlined, documented and overall secure.”
According to Pascal Gauthier, the CEO of Ledger, next year, the company aims toward securing a SOC 2 Type 2 approval.
Thus, the popular hardware wallet company fixed the root of the problem following the incident.