Cloud9 Hosting Raised the Security Bar: – Goodbye SAS 70, Hello Cloud Computing SSAE 16
Goodbye SAS 70, Hello Cloud Computing SSAE 16: Cloud9 Real Time Application Hosting Raises the Security Bar
SAS 70 has been touted on a number of websites for businesses offering data center services. It has been the equivalent of the “Good Housekeeping” stamp of approval since its inception as a cornerstone audit in 1992. The SAS 70 type of audit, that’s been around since the early 1990s, has been retired and replaced with cloud computing SSAE 16 (Statement on Standards for Attestation Engagements #16) certified
Cloud9 Real Time’s AIS Data Center recently announced its successful completion of the cloud computing SSAE 16 SOC 1 Type 2 and the SSAE 16 SOC 2 Type 2 audits for the company’s San Diego facility. These third-party audits of the AIS data center services serve to further demonstrate the commitment made to provide a high level of standards for compliance and security.
Per the American Institute of Certified Public Accountants (“AICPA”) Standards for Attestation Engagements (SSAE) No. 16, the SOC 1 report is geared towards reporting on the Internal Control over Financial Reporting and is designed to be a reporting standard for a business’s financial reports, highlighting its financial accounting and reporting practice. The SOC 2 report covers the suitability of the design and operating effectiveness of controls to meet the criteria for the security and availability principles set forth by the Trust Services Principles.
In addition, the cloud computing SSAE 16 SOC 1 Type 2 audit was done in accordance with International Standard on Assurance Engagements 3402, “Assurance Reports on Controls at a Service Organization.”
“This is an important milestone for AIS – affirming that our enterprise-class data centers have the appropriate internal controls in place for assuring the highest level of standards for compliance, security and availability,” said Tim Caulfield, chief executive officer at AIS. “We want our clients to feel comfortable that we are committed to taking the necessary steps to assure their peace-of-mind as they seek us out for colocation, connectivity, managed services and now, our full-featured cloud service. Our SOC 2 examination clearly sets us apart from our San Diego competition.”
The goal of the audit was to provide assurance (via report) that controls asserted actually exist and are functioning properly. The AIS controls matrix covers all aspects of the business, including: Service Delivery, Solutions Design, Computer Operations, Logical and Physical Security, Change Management, Incident Management and Disaster Recovery / Business Continuity Planning.
A key requirement of the cloud computing SSAE 16 certification is an attestation engagement, where AIS management provides to the auditor a written assertion regarding the controls designs, objectives and implementation. The auditor, in turn, verifies the proper controls are in place and that they are functioning properly for the length of the sampling period.
The bottom-line? Cloud9 Real Time application hosting features the same level of security as your online bank account. Schedule a demo or a 7-day trial and discover first hand why Cloud9 Real Time is the #1 choice of cloud computing providers among Accountants, CFOs, CPAs, and increasingly law Firms.