news products security Tanzu Mission Control

VMware Tanzu Mission Control Achieves SOC 2 Type 2 Compliance

We are very excited to announce that VMware Tanzu Mission Control has achieved SOC 2 Type 2 compliance. This milestone demonstrates our continued commitment to adhering to the highest-class industry security and operational standards so that our customers can safely and confidently run and manage their most mission-critical workloads on our platform.

The successful completion of the SOC 2 Type 2 auditing follows on the heels of our previously achieved compliance certifications, including ISO/IEC 27001, SOC 2 Type 1, and CSA Star. Visit the VMware Cloud Trust Center Compliance page for more information, including how to get access to these reports.

What is SOC 2 Type 2? 

System and Organization Controls (SOC) 2, developed by the American Institute of Certified Public Accountants (AICPA), is an auditing procedure designed to ensure that third-party service providers can securely manage data in order to protect the interests and privacy of their clients. It sets criteria for managing customer data based on five trust service principles: availability, confidentiality, processing integrity, privacy, and security. Compliance with this auditing procedure attests that the organization has put in place controls to meet those principles. 

SOC 2 carries out two types of examinations, which in turn generate two types of reports: 

  1. A SOC 2 Type 1 report – Describes a service vendor’s systems at a specific point in time and determines whether it is capable of adhering to the relevant trust principles. Tanzu Mission Control achieved SOC 2 Type 1 certification in October 2020. 

  2. A SOC 2 Type 2 report – Covers policies and procedures over a specified time period. It is issued after a more rigorous auditing process that takes place for a minimum of six months.

Continued commitment to keeping customers’ sensitive data secure

With world-class security and operations practices, the Tanzu Mission Control team is committed to delivering services that meet the industry’s highest standards while consistently protecting our customer’s sensitive data. Since the inception of this service, we have been actively engaged with various industry organizations, have undergone a number of auditing processes, and have subsequently achieved numerous compliance certificates, including ISO/IEC 27001, SOC 2 Type 1, and CSA Star.

The SOC 2 Type 2 report is the most comprehensive certification within the SOC protocol, and for businesses seeking IT service vendors, it is considered to be one of the most useful certifications when evaluating a service provider’s security-related credentials. By achieving SOC 2 Type 2 compliance for Tanzu Mission Control, the team has proven that our system has been rigorously designed to protect our customers’ most sensitive data, and at the highest level. When our customers engage their security teams to dig into our service design, these certifications make clear the ongoing commitment that we’ve made to our security and operational practices.   

To learn more about VMware’s commitment to customer confidentiality and data protection, please visit our compliance center, where you can find all the certificates that Tanzu Mission Control has been granted. And to learn more about Tanzu Mission Control, visit our website.