|
Home | Compliance
|
Overview
Many different types of organizations utilize solutions from Net Access Corporation. With clients ranging from media, financial, pharmaceutical, manufacturing, technology, healthcare, and other industries, many of our clients need to select a provider that has achieved and maintains compliance standards in order to meet their own regulatory and compliance standards. Organizations in today’s business climate face regulations including SOX, HIPAA, PCI, GLBA, and others in order to ensure that proper safeguards and best practices are being followed related to privacy, information security, controls, etc.
Why NAC undergoes these audits
As a data center infrastructure provider, privacy, information security, controls, and best practices take an important role in our organization. For that reason, Net Access Corporation maintains Statement on Auditing Standards No. 70 (SAS 70) Type II audits and has achieved the Payment Card Industry Data Security Standard (PCI DSS) compliance. This means that independent third party auditors have assessed our data center facilities to determine how closely the policies and procedures are being followed and that the necessary controls are in place.
|
| SAS 70 Type II |
 |
|
| PCI DSS |
 |
|
Single Point In Time Audit |
PCI DSS Standards |
A SAS-70 Type I audit is a written opinion by an independent auditor stating whether or not a service organization is accurate in the description of its processes and controls and whether or not those stated controls are efficient in meeting their objectives on a given date.
Time Based Auditing
SAS-70 Type II audits combine elements of a Type I audit with the results of extensive testing over a defined period of time (at least 6 months) to determine how effectively the processes and controls are achieved
|
The PCI DSS is a comprehensive set of standards that require merchants and service providers that store, process, or transmit customer payment card data to adhere to strict information security controls and processes. The standard includes twelve requirements that include the following information security topics:
- Security management
- Policies and procedures
- Network architecture
- User access management
- Network and systems monitoring
- Software development
|
|
How this benefits our clients
We see our compliance as much more than a check in a checkbox for our customers. Whether your organization has its own regulatory or compliance requirements or not, it can ensure that it is hosting its infrastructure in a data center facility that has stringent security policies in place that are audited annually by independent third party auditors. Another benefit of utilizing a SAS 70 data center or PCI compliant hosting center is that this can eliminate the need for costly and time consuming audits to be done by third parties on behalf of our clients.
Compliant Solutions
Our colocation and data center services are SAS 70 Type II audited and PCI DSS compliant. Click here to view additional info on our SAS 70 data centers or PCI compliant hosting center solutions.
|
|
|
|
