Certified Secure Data Recovery

Why is data security important during data recovery?

If you use a disreputable company, your data may be exposed to identity theft, irreparable media damage, the downloading and improper use of confidential files, breach of data on unprotected networks, improper disposal of damaged storage devices, and the installation of malware onto hard drives along with recovered data.

In December of 2009, the Ponemon Institute (an independent research firm in the field of data protection and information security) conducted a survey among 636 IT security and support professionals on the “Security of Data Recovery Operations“.

  • 83% of all respondents reported at least one data breach in the past two years
  • 19% said the breach occurred when a drive was in the possession of a third-party data recovery service provider
  • 43% said the breach was due to a lack of data security protocols

NIST recommends proper vetting of data recovery service providers.

The National Institute of Standards & Technology (NIST) updated its Contingency Planning Guide for Federal Information Systems (NIST SP 800-34 Rev.1) in June of 2010 with brief but effective language to help raise awareness of the third party data recovery vendor information security risk.

Section 5.1.3 (4th paragraph) states:

“Organizations may use third-party vendors to recover data from failed storage devices. Organizations should consider the security risk of having their data handled by an outside company and ensure that proper security vetting of the service provider is conducted before turning over equipment. The service provider and employees should sign non-disclosure agreements, be properly bonded, and adhere to organization-specific security policies.”

NIST is a federal agency within the U.S. Department of Commerce that develops standards and guidelines that help federal agencies implement the Federal Information Security Management Act (FISMA) of 2002 to provide adequate information security for all agency operations and assets.

NIST SP 800.34 was prepared for use by federal agencies, but it is also used by non-governmental organizations on a voluntary basis.

DriveSavers Data Recovery meets all the recommended data security protocols:

Annual SOC 2 Type II Audit Reports

DriveSavers is the only data recovery company in the industry today to post proof of annual, company-wide SOC 2 Type II audits the Corporate Industry’s standard for an overall control structure. Unlike Type I, Type II audits verify that our data hosting control objectives and control activities are in place, suitably designed, enforced and operating effectively.

The security control objectives established for our annual audits are designed to satisfy the stringent security requirements and audits mandated by the corporate clients and government agencies we serve.

Certified Secure Self-Defending Network

At the heart of our secure data recovery environment is a self-defending network, protected by a “defense-in-depth” architecture that includes firewalls, intrusion protection systems, managed security services and 24/7 real-time monitoring. Verified in annual SOC 2 Type II security audits to be “a formidable defense” for the information and data that it hosts, the network meets the stringent security requirements and audits mandated by the corporate clients and government agencies we serve.

High Security Service Available

In addition to providing the highest level of data security in the data recovery industry today, DriveSavers Data Recovery offers a High Security Service that adheres to US Government protocols and a Forensics Service that supports law enforcement agencies and other legal entities in the United States and abroad.

Every service option offered by DriveSavers Data Recovery meets the data loss prevention and data security/data privacy protocols mandated within SOX, GLBA and HIPAA.

You can trust DriveSavers Data Recovery with your data!

Unlike other data recovery companies, we can prove our statements about data security. All of our certifications and proof documents are posted here.

Clients like Bank of America, NASA Goddard Space Center, the US Government, the Smithsonian Institution, CompuCom and Lawrence Livermore National Labs all trust DriveSavers Data Recovery with their critical data.

“Lawrence Livermore National Laboratory’s (LLNL) data security standards are based on NIST recommendations. We strive to ensure that our mission critical data is protected at a level equivalent to the standards we hold for ourselves when handled by third party vendors, and periodically require them to undergo an exhaustive security assessment.”

Neda Gray, CISSP, Information Systems Security Officer for Operations and Business at LLNL

“Data security standards are set high by CompuCom to ensure that our customers’ data is never vulnerable. We require an exhaustive security assessment of all our third-party vendors. DriveSavers Data Recovery is SOC 2 Type II compliant and is guarded by a ‘defense-in-depth’ network architecture which provides the level of data security we promise to our customers.”

Dave Borgese, VP CompuCom Systems

Certified Secure Data Recovery

DriveSavers is the only data recovery service provider in the industry to post proof of annual, company-wide SOC 2 Type II audits. The privacy of your data will be protected during the recovery process.

  • SOC 2 Type II Audits
    Verify our qualification to support customers who must comply with data privacy and data security regulations such as:

    • HIPAADriveSavers is fully HIPAA compliant
    • FERPA
    • SOX
    • GLBA
    • NIST 800.34
  • Certified ISO 5 Cleanroom
    Meets manufacturer’s standards for warranty protection
  • Engineers Certified by PGP, PointSec, GuardianEdge, Utimaco – Supports DAR mandate for encrypted files and drives
  • High Security Service – Meets U.S. Government Security Standards
  • Secure & Permanent Data Erasure on Request – Meets HIPAA and GLB Act privacy requirements
  • GSA Schedule #GS-35F-0121S
Click here to watch the DriveSavers Security Video