Industry News Desk
Alert Logic Completes SSAE 16 Audit and Certifies Compliance
Continues Commitment of Strict Adherence to Operating Control Standards and Proper Handling of Sensitive Customer Data
By: Daniel Keeney
May. 1, 2012 03:30 PM
Alert Logic, a provider of Security-as-a-Service for the cloud, on Monday announced that it has taken two additional steps in its commitment to maintain the strictest control standards as it relates to both financial reporting and the protection of sensitive data such as Personally Identifiable Information (PII). With the completion of the Statement on Standards for Attestation Engagements (SSAE) No. 16 Type II assessment and certification of compliance with the U.S.-EU Safe Harbor program, Alert Logic delivers an even higher standard of excellence with regards to data security in the U.S. and internationally.
An independent public accounting firm has issued two Service Organization Control (SOC) reports in relation to Alert Logic's Security-as-a-Service solutions for the period of April 1, 2011 to December 31, 2011. The attestation represents that Alert Logic has successfully completed an in-depth Service Organization Control (SOC) 1, Type II audit of its internal control over financial activities and a SOC 2 audit of controls as they relate to the Trust Principles of Security and Availability. The SOC 2 evaluation covered controls over Alert Logic's Security-as-a-Service solutions and related processes, including the infrastructure residing at its primary data centers that supports those services.
This audit was completed in accordance with the attestation standard of the American Institute of Certified Public Accountants (AICPA), referred to as SSAE No. 16. SSAE 16 is the auditing standard developed in 2011 by the AICPA to replace SAS 70 and align U.S. and international standards, creating a more global, unified standard. Alert Logic has successfully completed the industry standard audit since 2008.
Alert Logic has also completed the certification process for compliance with the U.S. - European Union (EU) Safe Harbor Framework, complying with all seven of its core Privacy Principles. The EU's Directive on Data Protection went into effect in 1998 and essentially prohibits transfer of personal data to non-EU countries that do not meet the EU "adequacy" standard for privacy protection. The U.S.-EU Safe Harbor program was developed to bridge the differences between U.S. and European privacy laws.
"By successfully completing the SSAE 16 audit, Alert Logic has reinforced our commitment to continually ensuring our process management meets the highest industry standards," said Marty McGuffin, Alert Logic Vice President of Operations. "One of the reasons our service provider partners and their customers continue to choose Alert Logic is that we help them keep pace with the rapidly changing compliance landscape. Further, as we expand our global footprint, completion of the Safe Harbor certification became equally important in delivering the high-quality services our service provider partners expect."
More than half of the largest managed hosting and cloud service providers use Alert Logic's services to secure their customer environments. Adherence to these industry standards helps assure customers that they can reliably outsource the security of their data using solutions from Alert Logic. Alert Logic's Security-as-a-Service solutions provide customers four distinct advantages: market-leading security tools, a fully outsourced and managed SaaS delivery model, integrated 24×7 Security Operations Center (SOC) services to monitor and provide expert guidance, and the ability to deploy wherever a customer has IT infrastructure - including the cloud.