Security and Privacy for Online Data Protection and Backup
- Online Security
- Physical Security & Data Centers
- SAS 70 II Certified Datacenters
- Governing Compliance
- S3CC and our Providers take your privacy and the security of your data very seriously. Our Online Data Backup services are built with a series of administrative, physical, and technical safeguards designed to protect your data.
- All backed up data is encrypted with at least 128-bit encryption prior to transfer and then sent through an encrypted 128-bit SSL tunnel to remote data centers
- After the secure transfer to our data centers, your Backed-up Data is maintained and stored using 128-bit Blowfish encryption. Your Backed-up data is accessible only by supplying your valid login credentials. You can choose to use a randomly generated 1024-bit encryption key or manage your own encryption key.
- Physical Security: 24x7x365 onsite monitoring and physical security, including biometric identification mechanisms
- Power: 2 or more power supplies from different power providers
- Power: Onsite generators and reserve fuel supplies
- Bandwidth: Redundant 1 Gpbs (minimum) connections to the public internet supplied by tier 1 bandwidth vendors
- Cooling: Redundant cooling (air conditioning) systems
- Water: Redundant cooling water supplies
- Fire Suppression: Redundant automated fire suppression systems
- Data Replication: SOS stores data redundantly within the center, and/or offsite depending on deployment
Statement on Auditing Standards (SAS) No. 70, Service Organizations, is a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). A service auditor’s examination performed in accordance with SAS No. 70 (also commonly referred to as a “SAS 70 Audit”) is widely recognized, because it represents that a service organization has been through an in-depth audit of their control objectives and control activities, which often include controls over information technology and related processes. In today’s global economy, service organizations or service providers must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. In addition, the requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make SAS 70 audit reports even more important to the process of reporting on the effectiveness of internal control over financial reporting.
Partners of S3CC IT Consulting who do any online data backup meet or exceed security measures for governing compliance standards, such as:
- Sarbanes-Oxley (SOX)
- Gramm-Leach-Bliley Financial Services Modernization Act of 1999 (GLBA)
- Health Information Portability & Accountability Act of 1996 (HIPAA)
- SAS 70 Type 2 Certified Datacenters
- Payment Card Industry Data Security Standard (PCI Compliance)