A Look at SAS 70, SSAE 16, SOC 2, and SOC 3

While the AICPA has updated its data center audit standards, understanding of the audits has been slow in reaching data center end users. HOSTING’s security expert, Sean Bruton, helps clarify the confusion around the standards.

Denver, CO, January 3, 2013 – Hosting providers are quite frequently the operators of data centers, but they are much more frequently the customers of data centers, at the cage, rack or even server level. And for customers of data centers, an understanding of not just the facility’s design and the infrastructure that went into building out that design, but the processes that dictate a facility’s operation, are important tools in effectively weighing data center options.

Of course, it isn’t just service providers that have specific demands around the performance, security, and other aspects of a data center’s infrastructure and operation. Industries that handle sensitive data – customer financial information, health care details, credit card data – all have created their own standards for evaluating both data centers and hosted services. And compliance with industry-specific reporting standards is generally considered shorthand for evaluating the services themselves.

Read the full article.