Fibernet received SAS 70 Type II certification after completing a scheduled audit of its internal processes.
Orem, UT Fibernet, a local leader in customizable Colocation and Managed Dedicated Hosting since 1994, today announced that it has received SAS 70 Type II certification through Salt Lake City’s independent service auditor, The Cadence Group, after an extended audit of its internal processes.
“Fibernet and NetHosting, our global brand, have been Type I certified since March of 2010, but we’ve taken our SAS 70 certification to the next level to demonstrate our ongoing commitment to the security of our customers’ data,” stated Fibernet CFO, Lee Livingston.
Type I and Type II certifications differ mainly in the amount of time it takes to complete each audit. While a Type I audit is a snapshot of a company’s adherence to policies at a given point in time, the audit required for Type II certification looks at a company’s internal operations over a much longer time span for a more realistic security analysis.
Since the Sarbanes Oxley act of 2002, SAS 70 certification has become a market standard for service organizations, but Type II certification, as opposed to Type I, is largely recognized as the more valuable analysis of a company’s security-oriented protocols.
“Recently, a new standard, SSAE 16, has emerged as an enhancement to the SAS 70 model,” added Mr. Livingston. “We’re already in preparations to receive certifications through SSAE 16 in the form of a SOC 1 report, and we are planning for SOC levels 2 and 3, which have stricter standardized criteria for security protocols and policies, in the near future.
“These standardized certifications are similar to the payment card industry’s PCI DSS certification, which was mandated for service providers in the credit card processing industry. Because a company cannot select its own security standard, standardized certifications such as PCI and SSAE 16 are instituted by a governing body and mandated across the board.”
Fibernet was the first data center in the state of Utah to become PCI certified and was one of the first in the world to be included on the credit card industry’s list of approved service providers.