SOC2 is not an approval system.
SOC2 submits as a report the results and opinions of the audit corporation’s implementation of procedures for internal controls such as security described by Zoom in accordance with the standards set by the American Institute of Certified Public Accountants (AICPA).
Are software updates and patches applied to Zoom data centers as a security measure?
Does Zoom’s data center store backup files for the appropriate period/generations?
Are backups done properly in Zoom’s data center?
Is it possible to provide SOC2 reports/audit materials?
Does Zoom’s data center have virus / intrusion countermeasures (prevention / detection / recovery of data tampering)?
Is the frequency of virus scans appropriate in the Zoom data center?