SSAE 18 SOC 2 Type II & SOC 3 Certification
At Secure Data Recovery Services, we believe in providing our clients with accurate, transparent information about our security systems. We were the first data recovery company in the United States to earn SSAE 18 SOC 2 Type II & SOC 3 certifications, which demonstrates our commitment to confidentiality, and we maintain these certifications through regular attestations.
Always work with a certified data recovery provider to protect mission-critical files from unauthorized access.
Compromised security can lead to costly compliance violations for any business that regularly handles sensitive information. To keep your data confidential, you need to work with a qualified provider, and SSAE 18 attestation gives you a simple way to evaluate your contractors before trusting them with financial data.
View our SSAE 18 SOC 2 audit compliance report below:
View our SSAE 18 SOC 3 audit compliance report below:
Our SSAE 18 SOC 2 Type II & SOC 3 compliance reports provide an excellent overview of all of our security systems and controls. While many of our competitors claim compliance with SAS 70 and SSAE 18, we are one of the only companies in the industry providing full access to our attestation reports and other relevant documents.
We also post our certification documents online, and by using advanced networks and staff security protocols, we have developed an effective long-term strategy to maintain excellent security systems at our facilities. We always use appropriate methods to protect data, and when using our services, you will always get the peace of mind that comes from working with a secure provider.
The Importance of SSAE 18 Certification for Data Recovery
SSAE stands for Statement on Standards for Attestation Engagements. As of June of 2011, SSAE 18 is the active attestation standard for security systems with confidential payment data.
As a fully certified provider, we treat all data in accordance with SSAE 18 standards.
The SSAE 18 document essentially provides an updated version of SAS 70 standards, which publicly traded companies in the United States have used to ensure data security since the 1990s. The purpose of both standards is to prevent security flaws from compromising financial information.
While they are inherently similar, SSAE 18 and SAS 70 standards have a few key differences. SSAE 18 Type I and Type II standards place requirements on "systems" rather than "controls." While this seems like a minor distinction, it allows for a much more comprehensive approach to security. Data recovery companies need to completely rethink their networking and media handling procedures in order to stay compliant.
Unlike SAS 70 standards, SSAE 18 SOC 2 Type II & SOC 3 standards require managerial reporting and oversight. Our team is directly involved in the attestation process, and if our security systems fail to meet set standards, management is directly accountable. This ensure consistent long-term security. Data recovery companies must provide clear evidence of their security systems in order to comply with SSAE 18 SOC 2 Type II & SOC 3 specifications. Because of this, compliance is an involved, time-consuming process.
Secure Data Recovery Services' SSAE 18 Type II certification was completed under SOC 1 standards, and SSAE 18 Type I certification was completed under SOC 2 standards. SOC stands for Service Organization Control, and SOC 1 is designed specifically for data service businesses and organizations. SOC 2 is a restricted report designed primarily for data centers, software-as-a-services (SaaS) businesses and other organizations, and SOC 3 is a general-use report that uses the same principles as SOC 2. All data recovery vendors should offer access to a completed SSAE 18 SOC 2 Type II & SOC 3 report in order to demonstrate compliance.
We use SSAE 18 Type I and Type II certified networks and procedures when performing all of our services including:
- Hard Drive Data Recovery
- RAID Repair and Data Recovery
- Virtual Server Recovery
- Computer Repair
- Computer Forensics, Data Tape Transfer and More
Overall, SSAE 18 greatly improves upon SAS 70, providing much-needed updates that directly reflect data recovery security. Data recovery companies need to follow the newer standards in order to keep sensitive data confidential, and businesses of all sizes need to insist on SSAE 18 Type I and Type II certifications to avoid serious security risks. We proudly post proof of our SSAE 18 certifications to give our clients unprecedented access to key security information.
A New Standard for Data Recovery Security
We take every possible step to protect our clients' confidentiality while providing our services. In addition to SSAE 18 SOC 2 Type II & SOC 3 certifications, we hold credentials that show our compliance with various other standards.
All data recovery providers should follow SSAE 18 standards when handling client data.
Our security credentials include:
- Family Educational Rights and Privacy Act (FERPA) Compliance
- Payment Card Industry Data Security Standard (PCI-DSS) Compliance
- SAS 70 Compliance and More
Important data needs appropriate protection. At Secure Data Recovery Services, we use the best information security in the industry, and we proudly provide our clients with full access to our attestation reports. As the first provider with SSAE 18 SOC 2 Type II & SOC 3 certifications, we hold our facilities to exceptionally high standards. If you have any questions about our data recovery security systems or if you need to make additional arrangements for high-security data recovery, contact our customer service team today at 1-800-388-1266.