Trust is a critical component in a customers' decision of what company to work with when deploying a cloud service. Cloud security is critical, as data breaches or data loss can cost millions, and service availability needs to be maintained for business continuity.
How can you trust that your construction software provider is meeting the cloud security, availability and processing integrity standards that you need? One factor to consider is to ask about external audits and industry certifications.
We are pleased to announce that Autodesk has achieved SOC 2 Type attestation for BIM 360 Docs and BIM 360 account administration (also known as BIM 360 HQ), as well as underlying services within Autodesk's cloud platform.
What is SOC 2?
SOC 2, administered by the American Institute of Certified Public Accountants (AICPA), provides guidelines for an audit of a service organization on the controls it has in place relevant to elements such as security, availability, processing integrity and confidentiality. The recent SOC 2 attestation was based on an extensive audit by KPMG and it is a testament to Autodesk's ongoing focus and commitment to product security.
During the audit, BIM 360 Docs, BIM 360 account administration, as well as underlying services within Autodesk's cloud platform services were evaluated across key areas:
- Security: protection against unauthorized access, use or modification
- Availability: the system is available for operation and use as committed or agreed
- Processing Integrity: processing is complete, valid, accurate, timely and authorized
Autodesk's approach to cloud security
Protecting customers from security threats is a priority for Autodesk, and our processes and technology are intended to keep customer data secure.
Through the SOC 2 audit process, our customers can be confident that the controls and processes that affect the security of our products and infrastructure, the availability of the systems used to process data, and the confidentiality of the information within those systems meets and exceeds the highest industry standards.
With many of these processes, controls and infrastructure being shared by our cloud products, we plan to submit additional cloud product offerings for SOC 2 audits. Detailed information on Autodesk's security and privacy practices are available on the Autodesk Trust Center.