SOC 2 Compliance: Keep Your Data and Online Stores Secure with OMG

By Aubrey Scharff on October 6, 2022


Whether you’re a pro when it comes to technology or can’t quite get the hang of Zoom (we’ve all been there), there’s one thing we can all agree on: security matters.

In the digital world that we live in today, security is one of the most important things when it comes to choosing tools and technology you trust.

At OMG, we’re committed to being a company you can trust. We know that trust is not given but earned, which is why we’re excited to share that OMG has successfully completed a Service Organization Controls (SOC) 2 Type 1 audit

If you don’t know much about SOC 2 compliance, after this post you’ll understand why this is BIG news!

What is SOC 2 compliance?

SOC 2 stands for Systems and Organizations Controls 2, which is a technical security audit and certification based on standards developed by the American Institute of Certified Public Accountants (AICPA). SOC 2 reports are geared towards technology-based companies and third-party service providers that store customers’ data in the cloud.

To receive SOC 2 compliance, a company develops and documents security policies and procedures that must be followed by everyone in the company. Once the policies and procedures are in place and these things have been tracked, then the company must go through a rigorous audit process by a certified, third-party auditor.

There are two types of SOC 2 compliance:

  • SOC 2 Type 1: This report describes a company’s security-related systems and processes and confirms they meet necessary industry-standard security and privacy protocols at a given point in time (e.g., as of a specific date, such as January 1).
  • SOC 2 Type 2: This report details the operational effectiveness of a company’s security-related systems and processes over a period of time (e.g., 6 months).

To earn a SOC 2 certification, a company must demonstrate its internal systems are secure, operational, and sufficiently protect customer data. Independent auditors assess companies using the five elements of the AICPA Trust and Integrity Criteria

  • Security: Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could compromise the availability, integrity, confidentiality, and privacy of information or systems.
  • Availability: Information and systems are available for operation and use. 
  • Processing integrity: System processing is complete, valid, accurate, and timely.
  • Confidentiality: Information designated as confidential is protected.
  • Privacy: Personal information is collected, used, retained, disclosed, and disposed of.

Why is it important?

The importance of data security is at an all-time high, with companies announcing new security breaches every day it has never been more imperative to protect customers’ information.

According to Positive Technologies, Cybercriminals were able to carry out attacks on users in 98 percent of studied web applications. Such attacks can result in the spread of malware, redirection to a malicious site, or data theft through social engineering.

Since cyber attack attempts are so common now, we wanted to be proactive in taking the right steps to protect all data on our platform.

“We hold ourselves to the highest standard when it comes to the security of our clients and their customers,” says Daniel Hodges, Senior Vice President of Engineering. “OrderMyGear is proud to be the only online store platform that is SOC 2 compliant. Keeping our clients protected is our top priority as a company and as a partner.”

What does this mean for OMG Clients?

As an OMG client, we want you to know that we take security seriously, and are committed to investing in security measures like SOC 2 reports. Your trust is important to us, and you shouldn’t have to worry about the safety of your data.

OMG is the only online store platform in the promotional products and team sporting goods space with a SOC 2 attestation report. This report provides reassurance that your data is protected from unusual, unauthorized, or suspicious activity.

Being SOC 2 compliant also allows our clients to meet the security standards for their larger prospects and clients. For example, some industries like healthcare and government have higher security requirements and expectations than other industries, and often select which businesses to work with based on whether they are SOC 2 compliant. By partnering with OMG, promotional product distributors, decorators, and team dealers can feel confident offering online stores to customers in these industries.

We hope our investment in security measures like SOC 2 reports not only gives you peace of mind but emphasizes our dedication to the safety of your information and the success of your business.

For more information on OMG’s security practices, please click here.

To view the press release on OMG’s SOC 2 compliance, click here.

About OMG

OrderMyGear (OMG) is an industry-leading sales tool, empowering distributors, decorators, and dealers to create sleek, retail-like online stores for every customer – big or small. Since 2008, OMG has been on a mission to simplify the process of selling branded products and apparel to groups and improve the ordering experience. With easy-to-use tools and unmatched support, the OMG platform powers online stores for over 3,500 clients generating more than $2 billion in online sales. Learn more at