facebook noscript

VGS Successfully Completes SOC 2 Type II Report

April 15, 2024
soc-2-blog-featured

The SOC 2 Type II report confirms VGS's commitment to upholding rigorous standards for our customers.

VGS is pleased to announce that we successfully completed the SOC 2 Type II assessment after undergoing a comprehensive annual review that confirmed our fulfillment of all system requirements based on the trust services criteria outlined by the AICPA. This annual assessment is part of VGS's unwavering commitment to upholding elevated security standards.

VGS's SOC 2 Type II report resulted from a thorough examination of our internal controls and systems pertaining to the five Trust Services Criteria (TSC) outlined by the AICPA:

  • Security
  • Availability
  • processing integrity
  • Confidentiality
  • Privacy.2
icon

A SOC 2 examination is a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy. SOC 2 reports are intended to meet the needs of a broad range of users who need detailed information and assurance about the controls at a service organization relevant to the security, availability, and processing integrity of the systems the service organization uses to process users' data and the confidentiality and privacy of the information processed by these systems.1

“Successfully completing the SOC 2 Type II assessment provides transparency around VGS' practices, providing trust and assurance that VGS is upholding rigorous security standards through established company-wide controls that safeguard our customers' sensitive data. We live in a world with constant threats to data privacy and security. Our SOC assessment proves that VGS is well-equipped to handle today's and tomorrow's threats and provide our customers peace of mind.”
Headshot
Stu Cianos
VGS's Director of Security & Compliance

As a universal gateway and PCI-compliant vault, VGS empowers our customers by tokenizing sensitive payment data, limiting compliance scope, and consolidating payments to unlock revenue and business opportunities. As one of the world's largest tokenization providers by volume, VGS prioritizes providing customers with an elevated, secure experience that upholds the industry's latest security standards and best practices. Successfully undergoing annual SOC 2 Type II attestation since 2018 demonstrates the ongoing commitment and investment VGS makes to assure trust and security to the customers we serve.

Ready to Get Started?

Create an account with VGS and see how you can collect, store and transmit sensitive data in a processor-agnostic, PCI-compliant vault. It's free to get started, and in less than 10 minutes, you'll set up a baseline tokenization program that matches your unique needs.

Contact Us

Resources

  1. “SOC 2® - SOC for Service Organizations: Trust Services Criteria,” AICPA & CIMA, 2024, https://www.aicpa-cima.com/topic/audit-assurance/audit-and-assurance-greater-than-soc-2.
  2. Emily Bonnie, “SOC 2 Type II Compliance: Definition, Requirements, and Why You Need It,” Secureframe, April 6, 2023, https://secureframe.com/blog/soc-2-type-ii.
stu-cianos-headshot Stu Cianos

Director, Security & Compliance

jennifer-marshall-sibert-profile Jennifer Marshall

Marketing Manager

Share

You Might also be interested in...

migrating-java17-featured

Java Evolution: Unlocking Performance and Efficiency from Java 8 to 17

This post documents some of the challenges we’ve faced as we’ve tried to upgrade our applications to Java 17 and we hope some of the lessons we’ve learnt will be useful to other engineers.

Oleksandr Ahitoliev March 18, 2024

mpans-featured

Apple Pay is rolling out Merchant Tokens (MPANs)

What are these, and what does this mean for the payments ecosystem? Ever wondered how your Apple Pay transactions happen smoothly without your card number ever leaving your phone?

Khyati Srivastava
Arvind Santhanaraman March 21, 2024

pci-4-featured

PCI DSS v.4.0 is here. Are you ready?

The newest evolution of the PCI Data Security Standards (PCI DSS) is almost upon us. After PCI DSS v4.0 was announced in Q1 2022, companies had two more years left to use the old standard of PCI DSS v.3.2.1. Once it is officially retired on March 31, organizations have just one year to be compliant with PCI DSS v4.0.

Khyati Srivastava
Stu Cianos March 14, 2024