MSP Today Expert Feature
July 20, 2016

Xcentric Enlists Netwrix to Pass SOC 2 Audit

Xcentric provides its managed services to firms in the accounting industry. It offers accounting clients consulting, cloud services, and help desk features to take the heavy lifting away from those clients’ on-premise responsibilities.

Now, Xcentric can offer one more guarantee to its faithful: passing the Service Organization Control 2 (SOC 2) audit with help from Netwrix Corporation. Xcentric reached out to Netwrix to make use the its auditing capabilities that come largely as part of what the Netwrix Auditor, a data visibility and governance software, can perform. Auditor can monitor the health of a complex hybrid cloud network and protect data in the private or public cloud and on the client’s premise; it proved essential in helping Xcentric prepare for the SOC 2 audit by making sure that all its changes to active directory and group policies could be logged and monitored.

The SOC 2 audit analyzes a company’s ability to control the security and integrity of its non-financial file systems. It works in tandem with the SOC 1 analysis that focuses on financial data. Together, the audits, if passed, can show existing and potential customers that companies such as Xcentric are ready to handle the most confidential data and keep their customer information secure to the point that it is private from all outside entities.

Data handlers like managed service providers (MSPs) may process all manner of customer data. In the accounting industry, they may even handle financial information on top of general business concerns such as management of their help desks. This places a large burden on MSPs because they must be ready to keep their client information secure while also remaining in line with industry regulations regarding the processing and storage of data.

Netwrix offers its software to ease that burden. It can monitor thousands of changes at once to the Xcentric active directory and group policy and make sure that those changes conform to Xcentric’s internal security policy. Xcentric reportedly found the Netwrix option attractive for its capability and also for its pricing structure, which works on a monthly basis.

Furthermore, the Netwrix option allows Xcentric to monitor user behavior in real time and compare current behaviors to past ones. In this way, it can detect strange actions that may be a first glimpse into a data breach.

Xcentric now finds itself protected on many fronts. It can now also claim prominence among its peers for having completed the SOC 2 audit. Sam Hollis, the company’s lead infrastructure engineer, called the pairing with Netwrix “priceless,” and it is easy to see why.

Edited by Stefania Viscusi