Optimal IdM has been providing innovative and quality identity management solutions and services since 2005. With The OptimalCloud, we are able to offer our clients a comprehensive cloud federation and single sign-on solution that is way ahead of the competition. Not only can The OptimalCloud be completely customized to meet the unique needs of our clients, but it is available at an affordable flat monthly fee instead of a pricey per user, per month cost. Most importantly, The OptimalCloud offers a higher level of security than other solutions, with its dedicated private cloud and custom synchronization options. If that isn’t enough, Optimal IdM has recently achieved its SSAE 16, SOC 2, Type I compliance certification ensuring its clients an even higher level of reliability and security for their identity data.

What is SSAE 16 and SOC 2 Type I Compliance?web-seal SOC2T1

The Statement on Standards for Attestation Engagements 16 (SSAE 16) is an auditing standard for service organizations that was created by the American Institute of Certified Public Accountants (AICPA) [1]. These standards are the foundation for compliance audits such as Service Organization Controls (SOC), Type 1 which is a report that depicts an independent snapshot of the organizations control landscape on any given day. [2] The audit for this report is based on the five Trust Services Principles and Criteria (TSPs) including;

  • Security – ensuring protection against unauthorized access
  • Availability – ensures the system is available and operational as described
  • Processing Integrity – ensures the processing of the system is complete, valid, accurate, timely and authorized
  • Confidentiality – ensures confidential information is protected as agreed to
  • Privacy – ensures that all personal information is in compliance with service organizations privacy notice and meets the criteria within the Generally Accepted Privacy Principles (GAPP) issued by the AICPA

What Does This SSAE 16 Compliance Mean for Your Business? 

Security is a major concern for every organization this day in age – even more so when dealing with cloud solutions. Not only does The OptimalCloud offer more security right out of the box with its dedicated private cloud and synchronization options, but it’s SOC 2 Type I compliance now ensures the upmost in security and integrity for your organization. Selecting a SOC 2, Type I cloud provider like Optimal IdM, not only ensures your organization is meeting its own compliance regulations but it also offers you the highest level of security and more importantly, piece-of-mind that your most critical data is being protected by a proven, reliable partner. You can’t put a price on security and piece-of-mind in the tech world today.   Sources: Wikipedia, [1] https://en.wikipedia.org/wiki/SSAE_16 , [2] https://en.wikipedia.org/wiki/System_and_Organization_Controls   


  • The database in which all of your organization’s sensitive identity data is stored.
  • A digital ledger in which digital transactions are recorded chronologically and publicly.
  • Securely managing customer identity and profile data, and controlling customer access to applications and services.
  • The means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.
  • A legal framework that sets guidelines for the collection and processing of personal information of individuals within the EU.
  • The policy-based centralized orchestration of user identity management and access control.
  • An authentication infrastructure that is built, hosted and managed by a third-party service provider.
  • A security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
  • A global provider of innovative and affordable identity access management solutions. 
  • Managing and auditing account and data access by privileged users.
  • Tools and technologies for controlling user access to critical information within an organization.
  • An authentication process that allows a user to access multiple applications with one set of login credentials.