Leading Colorado Springs Datacenter’s Security Controls Independently Certified

Posted on April 9, 2014 by Randal Kohutek

Data102, LLC. Achieves Examination in Conformity with Statement on Standards for Attestation Engagements (SSAE) No. 16 Type II Certification after Extensive Audit

Recently, A-lign CPAs of Tampa, FL, an independent auditing agency, certified that Data102 – Southern Colorado’s premiere, privately held data center—was compliant with Statement on Standards for Attestation Engagements (SSAE) Number 16, after completing a Type II report. After achieving compliance with SSAE standards in October of 2012, Data102 has maintained the highest standard of controls over its colocation services, and executed them throughout 2013 without exception.

In response to this achievement, Travis Taylor, VP of Business Development for Data102, said, “It’s been over a year since our initial audit, and we’ve succeeded at implementing and maintaining our security and operational controls, proving to our customers that we live up to the rigorous standards required for a Type II certification.”

The SSAE 16 certification is recognized by the Securities and Exchange Commission (SEC) as an acceptable verification of an organization’s internal security controls and procedures and is thus widely respected. Compliance is determined by an independent auditing agency that performs a thorough examination of control objectives, procedures, and safeguards, which include controls over information technology and infrastructure. Data102 has continued to implement and maintain strict security controls at itsColorado datacenter, which has now been independently certified according to SSAE standards.

At a time when more and more sensitive data is stored at data centers, Data102’s customers continue to have assurance that their data center is taking every possible precaution to keep them safe. Both the Type I and Type II reports are accessible and show Data102’s established controls and their effectiveness as reported by the auditors:

Type I provides a description of controls at a specific and particular point in time;
Type II includes this description and provides details regarding the testing of controls over a given period. With a Type II report, customers will be able to determine that these controls were in operation, satisfactorily designed, and operating productively for the duration of the testing period.

Randal Kohutek, VP of Operations, added, “I’m proud that our team has met the requirements to obtain SSAE16 Type II certification, and am glad that we bring this high level of execution to our clients.”

About Data102 LLC
Data102, LLC is a Colorado Springs data center and IT services provider. They offer a breadth of services includingcolocation, bandwidth, last mile Internet, Voice over IP (VoIP), virtualization, cloud servers, managed firewalls and website hosting. For more information about Data102 LLC, visit us at data102.com

View this press release at prweb.com

Colorado Springs Datacenter Partners With Cisco For New High-Tech Security System

Posted on June 1, 2013 by Randal Kohutek

Colorado Springs datacenter, Data102, has announced partnership with Cisco to expand on existing security measures. Physical security measures have been increased on location for further compliance with security standards

Colorado Springs datacenter, Data102, is partnering with Cisco, a global leader in security and networking, in order to provide another layer of protection for their client’s equipment and sensitive data.

Data102 has been offering secure colocation services for years, with physical security gaining in popularity as more companies see the benefit of such a barrier. Data102’s staff members are trained to insure the highest security standards and close monitoring for any potential threats. Physical security is a necessity in order to avoid malicious invaders. This Colorado datacenter’s physical security is maintained in compliance with PCI, HIPAA, and SSAE16 datacenter standards.

The people managing the systems are just as integral to security as the hardware and software. Travis Taylor, the Director of Business Development, explains that, “All of our physical security measures are monitored around the clock by our experienced staff which guarantees a strong line of defense against even the most dangerous intruders.” The Data102 staff is available 24 x 7 x 365 to answer queries or fix problems, ensuring security is maintained at all times.

Physical access to the Colorado Springs location has been entirely revamped with the installation of a Cisco Physical Access Manager. In keeping with the standards that have been set for SSAE16 datacenters, physical security is closely monitored. As you would expect, video and access information is logged for any visitor that enters the datacenters, but access to other areas is now being monitored as well. Employee office space and conference areas are restricted so that only those with an access badge may enter. Visitors may be allowed inside the facility with limited access and are escorted by a staff member at all times.

ABOUT DATA102
A Colorado Springs datacenter and IT services provider, Data102 offers products and services such as managed firewalls, Virtual Private Servers, anti-spam services, backups, colocation and bandwidth. In addition to affordability, reliability and flexibility, Data102 offers unparalleled customer service and technical support. For more information about Data102 LLC, visit data102.com.

View this press release at prweb.com

SAS70 & SSAE16 Compliant Datacenter

Posted on March 29, 2013 by Randal Kohutek

As the recent Target hacking demonstrated, it is vital for private information to stay that way. For Data102 and other datacenters that house large amounts of private and sensitive information, it is crucial to maintain appropriate controls and security, as well as to be able to deliver such reassurance to clients.

To give customers peace of mind, there are a number of standards that have been implemented to ensure that a datacenter can be trusted; these are outlined in the Statement on Auditing Standards No.70 (SAS70) and the Statement for Standards for Attestation Engagements No. 16 (SSAE16).

A service organization or service provider that is SAS70 and SSAE16 compliant is showing that they have been through a thorough audit examination and that control objectives and control activities—which typically include controls over information technology and corresponding processes—as well as safeguards have all been demonstrated to be adequate and effective.

Though SAS70 is a widely recognized auditing standard, it does not provide a list of pre-determined criteria; auditors must still follow standards set by the American Institute of Certified Public Accountants (AICPA) for fieldwork, quality control, and reporting. So, as of June 15, 2011, SSAE16 was created by AICPA with the goal of upgrading the US service organization’s standard of reporting so that it adheres with the new International Service Organization standard (ISAE3402). Since then, SSAE16 has managed to replace SAS70 as the top guide for reporting on service organizations.

A compliant datacenter provides a measure of benefits and value to its customers. They can retrieve reports and thus obtain valuable knowledge regarding the established controls and the effectiveness of those controls, which are known as Service Auditor’s Reports. There are two types of these reports:

Type 1 provides a description of controls at a specific and particular point;
Type 2 includes this description and provides details regarding the testing of controls over a period of six months. With a Type 2 report, customers can also determine whether these controls were in operation, satisfactorily designed, and operating productively. Without this report, there will be an assortment of requests for an audit and multiple visits can put a strain on resources. With a Service Auditor’s Report, customers and their auditors have access to the same information, which should be satisfactory to both parties.

A SAS70 & SSAE16 compliant datacenter proves a lot by having these examinations made. It sets itself apart from its peers by showing the installation of control objectives and adequately designed control activities. If customers use a datacenter that is not SAS70 & SSAE16 compliant, they will have to arrange for an auditor to pay a visit to that organization to examine its controls and operations, an action that will likely cost the customer money. More than that, though, you can be sure that a datacenter that is compliant, like Data102, can be trusted with your data.