Phoenix NAP Achieves SAS 70 Type II Certification, Retains PCI DSS Validation
“Security has always been a major focus for us, and really what the SAS 70 certification is acknowledging is that the policies and control measures we have in place sufficiently meet operational standards,” said Ian McClarty, president of Phoenix NAP. “This is not only a benefit to our facility, it’s a benefit to all of our clients and any potential clients. Rather than initiate a complete security audit of the datacenter on their own, they can save the expense and view our independent report.”
SAS 70 is a widely recognized auditing standard developed by the American Institute of Certified Public Accounts (AICPA) that measures service organizations’ controls and safeguards.
Additionally, the datacenter maintains its status as a Payment Card Industry Data Security Standard (PCI DSS) Validated Services Provider after Coalfire Systems, Inc., a Qualified Security Assessor (QSA), completed its independent audit.
“Not many datacenters carry the distinction of a PCI DSS validated services provider, and we are thrilled to be among those that do. Again, this validation ultimately benefits clients, as anyone that needs to meet PCI DSS for their particular operation is able to leverage the physical security measures Phoenix NAP has in place to meet that portion of their own PCI DSS audit,” said McClarty.
A set of both physical and electronic security mandates designed to protect cardholder data and online consumer transactions, PCI DSS requires any business that accepts, stores, or transmits credit card payments or electronic funds to be in compliance.
Phoenix NAP is listed on the Global List of PCI DSS Validated Entities, and as part of the audits to achieve SAS 70 Type II and PCI DSS validation, the datacenter has also been deemed to be HIPAA compliant.