Certified Secure Defense-In-Depth Network Proof

About WIRED Security Inc.’s Network Security Audit:

To maintain its SAS 70 II compliance year-to-year, DriveSavers undergoes annual audits of its internal data hosting and processing controls.

The security audit on DriveSavers perimeter and network systems is conducted by a team of independent information security and technology consultants from WIRED Security, Inc., to ensure that adequate controls and safeguards are in place for safely hosting data belonging to our customers. A thorough review of our Business Continuance Plan, Information Security Policy and the recently completed SAS 70 audit documentation is also performed.

DriveSavers has deployed a full “Defense-in-Depth” Network. All hardware and software used by DriveSavers has multiple industry certifications including, but not limited to, NIST, NEBS level 3, ICSA, NSS, and FIPS. The DriveSavers Data Recovery computing network environment (as tested) has an excellent ability to avoid information security breaches.

DriveSavers undergoes these audits annually. The results of our most recent and up-to-date audit are posted below.

See all Proof of Certification categories

WIRED Security Inc.’s Network Security Audit

Read our WIRED Security Inc.'s Network Security Audit.

Page 1

 Read our WIRED Security Inc.'s Network Security Audit.

Page 2

Benefits of Working with a SAS 70 Certified Data Recovery Service Provider

The SAS 70 audit differentiates DriveSavers from all other data recovery service providers in the industry today. Only DriveSavers has undergone this audit and been certified as SAS 70 Type II compliant.

SAS 70 Type II compliance verifies our qualification to handle enterprise-class recoveries, and support corporate customers who are required to meet regulatory compliance for HIPAA (Health Insurance Portability and Accountability Act), SOX (Sarbanes-Oxley Act of 2002), GLBA (Gramm-Leach-Bliley Act of 1999), and ISO 27000.

Only authorized data recovery engineers have access to personal and confidential data. Once the recovery process is complete, data is stored on our secure network until the integrity of recovered data is verified. Custom solutions are offered for recoveries on encrypted files and drives. Data is protected during transit to and from our facility. Should instant access of the recovered data be required, data is transmitted via a secure FTP site. Secure and permanent data destruction is available upon request.

SAS 70 Type II certification is mandated by many of our data recovery customers:

  • Publicly-traded companies who must comply with the Sarbanes-Oxley Act of 2002 through a SOX audit for SOX compliance
  • Companies with legally-protected customer information, such as financial institutions
  • Businesses that must protect health information (HIPAA)
  • Universities with protected student information (FERPA)
  • Loan originators and credit rating agencies and their providers (FCRA, GLBA)
  • Providers of services involving eCommerce (WebTrust, PCI)

“At the heart of our certified secure data recovery environment is a “defense-in-depth” network, verified in our SAS 70 Type II auditing process to be “a formidable defense” for the information and data that it hosts.”

Michael Hall, CISO, DriveSavers

CERTIFIED SECURE SELF-DEFENDING NETWORK PROOF