USDT, the leading stablecoin with a current market value exceeding the $100 billion mark and a year-to-date growth of more than 14%, has its issuer Tether setting a new milestone in security audits.
Tether completes SOC 2 Type 1 audit
Yesterday (1), Tether announced the successful completion of the System Organization Control (SOC) 2 Type 1 audit, which is the preliminary stage of the "highest security compliance level" an organization can demonstrate. This audit was developed by the American Institute of Certified Public Accountants (AICPA) and is the “gold standard” in security compliance.
In this regard, Tether CEO Paolo Ardoino said:
This compliance measure assures our customers that their assets and data are properly managed in an environment that meets the highest standards of data protection and information security. This independent verification of our security controls is extremely important to Tether, demonstrating We are committed to our determination to become the most trustworthy and compliant stablecoin in the world.
Tether is committed to undergoing annual SOC 2 audits to ensure that its operations and security practices meet the highest standards. There is a second type of SOC 2 audit. The difference from the first type is that the first type focuses on a specific point in time, while the second type evaluates a specified period of time. Tether stated that it aims to obtain SOC 2 Type 2 certification by the end of 2025, which will assess the operational effectiveness of Tether’s internal controls within 12 months.
Five Standards for SOC 2 Audits
According to the announcement , the SOC 2 audit standards are based on five key "trust service principles":
- Security : These are measures to protect consumer data from unauthorized access, including firewalls, intrusion detection systems, and strengthened authentication protocols.
- Availability : Focus on maintaining a reliable and active network, while also focusing on the efficiency of problem solving. This means that systems need to meet established operational standards and be able to be quickly fixed when problems occur.
- Processing Integrity : Focus on whether the system achieves its purpose, which is to provide accurate data at the right price and at the right time.
- Confidentiality : Limiting access and disclosure of data to authorized individuals or organizations, and emphasizing encryption of data during data transmission.
- Privacy : Ensure that personal information is collected, used, stored and disclosed in a responsible manner.
When conducting a SOC 2 Type 1 report, an organization's compliance with these principles is assessed. In the case of Tether, the report would ensure that Tether has strong IT controls in place to keep their systems secure, accessible when needed, and keep information private. This includes checking firewalls, intrusion detection, and strengthening customer identities. Measures such as verification, as well as network reliability and speed of problem resolution.
Therefore, the SOC 2 audit is not to review the reserve transparency behind USDT, but to evaluate the relevant control measures adopted by the organization's information system and data protection based on the above principles.
