24/7 Service:800-388-1266

SSAE 18 SOC 1, SOC 2, SOC 3 Compliant

SSAE 18 SOC 2 Type II & SOC 3 Audited Data Recovery Services

Secure Data Recovery Services insists on providing customers with accurate and transparent information about our services and the security systems that protect them. We were the first data recovery company in the United States to undergo SSAE 18 SOC 2 Type II & SOC 3 audits, which demonstrate our commitment to maintaining strict confidentiality about the information that moves through our data recovery centers. We maintain compliance with these exacting standards through regular audits and attestations.

SSAE 18 Type II Data Recovery

Always work with a certified data recovery provider
to protect mission-critical files from unauthorized access.

Compromised security can lead to costly compliance violations for any business that regularly handles sensitive information. To keep your data confidential, you need to work with a qualified provider, and SSAE 18 attestation gives you a simple way to evaluate your contractors before trusting them with your financial data.

View our SSAE 18 SOC 2 audit compliance report below:

View our SSAE 18 SOC 3 audit compliance report below:

Our SSAE 18 SOC 2 Type II & SOC 3 compliance reports provide an excellent overview of our services, security systems, and controls. While many of our competitors claim compliance with SAS 70 and SSAE 18, we are one of the only companies in the industry that provides full access to our attestation reports and other relevant documentation.

We post our compliance documents online, and by using advanced networks and staff security protocols, we have developed an effective long-term strategy to maintain excellent security systems at our facilities. We always use appropriate methods to protect data, and when using our services, you can be confident that you’re working with a secure data recovery services provider.

The Importance of SSAE 18 Compliance for Data Recovery

SSAE stands for Statement on Standards for Attestation Engagements. As of May 1st, 2017, SSAE 18 is the active attestation standard for security systems with confidential payment data.

The SSAE 18 document essentially provides an updated version of SAS 70 standards, which publicly traded companies in the United States have used to ensure data security since the 1990s. The purpose of both standards is to prevent security flaws from compromising financial information.

While they are inherently similar, SSAE 18 and SAS 70 standards have a few key differences. SSAE 18 Type I and Type II standards place requirements on "systems" rather than "controls." While this seems like a minor distinction, it allows for a much more comprehensive approach to security. Data recovery companies need to completely rethink their networking and media handling procedures in order to stay compliant.

Unlike SAS 70 standards, SSAE 18 SOC 2 Type II & SOC 3 standards require managerial reporting and oversight. Our team is directly involved in the attestation process, and if our security systems fail to meet set standards, management is directly accountable. This ensures consistent long-term security. Data recovery companies must provide clear evidence of their security systems in order to comply with SSAE 18 SOC 2 Type II & SOC 3 specifications. Because of this, compliance is an involved, time-consuming process.

Secure Data Recovery Services' SSAE 18 Type II auditing was completed under SOC 1 standards, and SSAE 18 Type I auditing was completed under SOC 2 standards. SOC stands for Service Organization Control, and SOC 1 is designed specifically for data service businesses and organizations. SOC 2 is a restricted report designed primarily for data centers, software-as-a-services (SaaS) businesses and other organizations, and SOC 3 is a general-use report that uses the same principles as SOC 2. All data recovery vendors should offer access to a completed SSAE 18 SOC 2 Type II & SOC 3 report in order to demonstrate compliance.

We use SSAE 18 Type I and Type II certified networks and procedures when performing all data recovery services. There are two principal types of data recovery:

  • Physica data recovery: this type involves retrieving data from physically damaged hardware, which involves replacing parts inside the damaged hard drive or chips-off recovery for solid-state drives in a certified cleanroom.
  • Logical data recovery: this type involves retrieving data from logically damaged media. This method generally involves the use of specialized software tools that can reconstruct files systems and partition table information.

Secure Data Recovery Services offers professional data recovery services on any kind of digital storage drive, server, memory card, mobile device and virtual machine, including:

  • Internal and external hard drives
  • USB drives
  • Solid-state drives
  • SD cards
  • Digital and flash media storage devices
  • All RAID arrays
  • Virtual servers
  • Tape drives
  • Digital cameras
  • Databases and SQLs
  • Files and emails
  • Android and iOS devices
  • Other media on any platform (Windows, macOS, Linux, etc.)

Overall, SSAE 18 greatly improves upon SAS 70, providing much-needed updates that directly enhance data recovery security. Data recovery companies need to follow the newer standards in order to keep sensitive data confidential, and businesses of all sizes need to insist on SSAE 18 Type I and Type II auditing to avoid serious security risks.

A New Standard for Data Recovery Security

We take every possible step to protect our clients' confidentiality while providing our data recovery services. In addition to SSAE 18 SOC 2 Type II & SOC 3 auditing, we maintain other credentials that show our compliance with various industry standards.

Our additional security credentials include:

  • Family Educational Rights and Privacy Act (FERPA) Compliance
  • Payment Card Industry Data Security Standard (PCI-DSS) Compliance
  • SAS 70 Compliance and More

Secure Data Recovery Services holds our facilities and our data recovery team to exceptionally high standards. If you have any questions about our data recovery services, human resources security policies, data processing systems, or security systems, or if you need to make additional arrangements for high-security data recovery, contact our customer service team today at 800-388-1266.