800-388-1266
SSAE 18 SOC 2 Type II & SOC 3 Audited Data Recovery Services

SSAE 18 SOC 2 Type II & SOC 3 Audited Data Recovery Services

Secure Data Recovery Services undergoes rigorous SSAE 18 SOC 2 Type II and SOC 3 audits of its cybersecurity management control systems. These audits demonstrate our commitment to maintaining the highest levels of data security throughout our company.

Organizations of all sizes - including government agencies, the military, and multinational corporations - trust us with their most confidential and sensitive data. We honor that trust by ensuring that it remains protected throughout every stage of the recovery process.

Table of contents

View our SSAE 18 SOC 2 Type II audit compliance report below:

SSAE 18 Type II SOC 2 Report Cover Page SSAE 18 Type II SOC 2 Report 4th Page SSAE 18 Type II SOC 2 Report 5th Page SSAE 18 Type II SOC 2 Report 6th Page

View our SSAE 18 SOC 3 audit compliance report below:

SSAE 18 SOC 3 Report Cover Page SSAE 18 SOC 3 Report 4th Page SSAE 18 SOC 3 Report 5th Page

Since May 1, 2017, the Statement on Standards for Attestation Engagements 18, or SSAE 18, has served as the newest standard by the American Institute of Certified Public Accountants for evaluating how organizations conduct business. This includes how sensitive information gets stored, how third-party relationships get managed, and how organizations assess and mitigate cybersecurity threats.

Secure Data Recovery Services receives independent service audits in three SSAE 18 Service Organization Control groups, or SOCs:

  • SOC 1 Type II: a report on control systems at a service organization related to user entities’ internal control over financial reporting. This evaluates the accuracy of how an organization describes its control systems, the suitability of their design, and their effectiveness in protecting customer financial data.
  • SOC 2 Type II: a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality, and privacy. This evaluates the credibility and accuracy of how an organization describes its systems, the suitability of their design, and their operational effectiveness.
  • SOC 3: a report similar in nature and scope to SOC reports about the relevance of a service organization’s security, availability, processing integrity, confidentiality, and privacy in the handling of customer information.

The Importance of SSAE 18 Compliance for Data Recovery

Secure Data Recovery Services engineers regularly conduct complex physical data recovery, which requires invasive physical repairs conducted in a certified Class 10 ISO 4 cleanroom. They also use custom-designed or modified software utilities to recreate file systems and partition table information during intensive logical data recovery operations.

SSAE 18 SOC 1 Audit Completion Certificate SSAE 18 SOC 2 Audit Completion Certificate

Our company submits to advanced SSAE auditing standards that would normally apply to data service organizations, Software-as-a-Service (SaaS) providers, and enterprise data centers. We take these extra steps to certify that any customer data entrusted to our care is safe from unauthorized access.

A New Standard for Data Recovery Security

Secure Data Recovery Services takes every possible precaution in preserving the confidentiality and security of our customers’ information throughout every stage of the data recovery process. In addition to regular SSAE 18 audits, we maintain additional credentials that certify our commitment to comprehensive security controls at all of our data recovery centers:

  • Health Insurance Portability and Accountability Act (HIPAA): ensures compliance with federal regulations about the storage and protection of sensitive patient health information.
  • Family Educational Rights and Privacy Act (FERPA): ensures compliance with federal regulations about the storage and protection of student records and personal information.
  • FIPS 140-2 Level 3 Validation: ensures compliance with the highest level of Federal Information Processing Standards (FIPS) related to data handling practices.
  • Payment Card Industry Data Security Standard (PCI-DSS): ensures compliance with all federal regulations regarding global payment account data security.

Secure Data Recovery Services holds our facilities and our data recovery engineers to exceptionally high security standards. If you have any questions about our data recovery services, human resources security policies, data processing systems, or security systems, or if you need to make additional arrangements for high-security data recovery, contact our customer service team today at 1-800-388-1266.