Important: DIDLive itself does not hold a SOC 2 certification. Our infrastructure is hosted on Amazon Web Services (AWS) and Google Cloud, both of which independently maintain SOC 2 Type II certifications. This page describes the security controls inherited through our cloud providers under the shared responsibility model.
What is SOC 2 Compliance?
SOC 2 (System and Organization Controls 2) is a compliance framework developed by the American Institute of Certified Public Accountants (AICPA) that defines criteria for managing customer data based on five trust service principles: Security, Availability, Processing Integrity, Confidentiality, and Privacy.
SOC 2 reports are independent third-party examination reports that demonstrate how an organization achieves key compliance controls and objectives. Type I evaluates the design of controls at a specific point in time, while Type II evaluates the operational effectiveness of those controls over a period β typically 12 months.
For telecommunications providers handling voice, messaging, and customer data, SOC 2 compliance is critically important. It provides assurance that the infrastructure, processes, and controls protecting your communications meet rigorous, independently verified security standards.
Trust Service Criteria
Security
Protection against unauthorized access β both physical and logical. Includes network firewalls, intrusion detection, multi-factor authentication, and encryption.
Availability
Systems are available for operation and use as committed. Multiple availability zones and regions with documented uptime SLAs.
Confidentiality
Information designated as confidential is protected as committed. Data encrypted at rest and in transit with strict access controls.
Privacy
Personal information is collected, used, retained, disclosed, and disposed of in conformity with commitments and applicable criteria.
AWS SOC 2 Compliance
DIDLive's primary infrastructure runs on Amazon Web Services (AWS), which maintains comprehensive SOC compliance. AWS SOC reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives. AWS maintains SOC 1, SOC 2, and SOC 3 reports that are independently audited under SSAE No. 18 attestation standards.
The AWS SOC 2 report specifically covers Security, Availability, Confidentiality, and Privacy trust service criteria. These reports are audited on a 12-month cycle and are available to AWS customers who require them for their own compliance assessments. AWS also publishes a publicly available SOC 3 report that summarizes these findings.
Google Cloud Compliance
In addition to AWS, DIDLive utilizes Google Cloud services for certain operations. Google Cloud also undergoes regular independent SOC 2 Type II audits covering the same trust service criteria. This means both of our primary cloud platforms maintain the same rigorous compliance standards.
What This Means for DIDLive Customers
By building our infrastructure on SOC 2-compliant cloud platforms, DIDLive inherits a strong foundation of security, availability, and privacy controls. This is often referred to as the "shared responsibility model" β AWS and Google Cloud are responsible for the security of the cloud infrastructure itself, while DIDLive is responsible for security within the cloud (our applications, configurations, and data management).
Data Encryption
Your voice data and account information benefit from enterprise-grade encryption both in transit and at rest across all cloud platforms.
Geographic Redundancy
Infrastructure distributed across multiple availability zones and regions ensures your services remain available even during localized outages.
Audit-Ready
Our cloud providers' SOC 2 compliance helps support your own compliance and audit requirements, providing documented evidence of infrastructure controls.
Physical Security
AWS and Google Cloud data centers maintain strict physical access controls, environmental protections, and 24/7 monitoring that exceed what most organizations could achieve on their own.
Enterprise Security for Your Communications
DIDLive runs on SOC 2-compliant cloud infrastructure from AWS and Google Cloud.
View Reliability Overview β