AWARDS AND AUDITS
Volico has successfully completed SSAE16, SOC 2 Type II, and NIST audits compliant.
Volico has successfully completed SSAE16, SOC 2 Type II, and NIST audits compliant. This is assurance that our infrastructure and staff are qualified and capable of delivering a robust hosting experience to you. The examination included Volico’s security monitoring, service delivery, support services, backups, environmental controls, logical and physical access, and more.
SSAE16 and SAS70 Type II certified are designated by the U.S. Securities and Exchange Commission (SEC) as a method for an organization’s management to obtain assurance about their services. We see it as an example of why Volico is trusted to protect the assets and data at our facilities.
Company Examinations
• SSAE 16 Type II SOC 1 (Formerly SAS 70)
• SOC 2 Hosting
• SOC 3 Hosting
Company Compliances
• HIPAA
• PCI Security Standards Council Member
Company Examinations
SSAE 16 Type II SOC 1*
Volico is SSAE 16 and SAS 70 Type II certified and offers fully compliant hosting allowing our clients to fulfill the requirements of SSAE 16 internal audits as well as SAS70 Type II audits. While “SAS 70” has been the dominant in-depth audit of third-party service organizations over the last many years, the original Statement on Auditing Standards (SAS) No. 70 is actually one of many periodic statements issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA).
This certification confirms Volico’s controls are designed effectively, described accurately, and are in operation. To achieve SAS 70 Type II status, the auditor also certifies the controls have operated effectively over a period of time beyond the initial audit date.
Volico’s networking specialists are some of the best in the industry. Certifications range from CCNA, CCNP, all the way to triple CCIE’s for routing, switching, storage, advanced network design, and other data center services.
SOC 2 (Type II) & SOC 3
SOC2 confirms clients we use systems to protect their data. It audits security, availability, process integrity, privacy, and confidentiality in your data hosting environment. SOC 2 hosting assures your service provider has all of the best internal practices in the right place.
SOC 2 is a rigorous audit that is challenging for services organizations. SOC 2 measures and reports on a service organizations controls. SOC 2 reports on controls independent of an SSAE 16 (SOC 1) audit, and refers to controls specifically related to IT/data center service providers. The SOC 2 report affects companies that host or store large amounts of data, particularly data centers.
While SOC 2 is a confidential report, the SOC 3 report is publicly available. The SOC 3 report contains the auditor’s letter and summary opinion on the effectiveness of data center controls, A management attestation letter, and a system description of the services provided and under the scope of the audit.
Company Compliances
HIPAA – Health Insurance Portability and Accountability Act
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
HIPAA regulates the use and disclosure of an individual’s health information and gives patients greater control over the use of their health information. HIPAA Compliant Colocation includes access to our uninterruptible power, network, and AC infrastructure at our secure, high availability data centers to ensure PHI availability. Critical data and applications are safe with our firewall and IDS/IPS protection. HIPAA compliance relies more on process than simply technology, and Volico’s compliant colocation solutions work to ensure that all compliance requirements are met on both fronts.
Volico services include an SSAE 16 (SOC 1) TYPE II (Formerly SAS 70) audited and certified data center. We are a trusted medical and health care partner with nearly 20 years of experience and established credentials. We have been there, done that, and can make it happen for you.
PCI Security Standards Council Member
The PCI DSS is a comprehensive set of standards that require merchants and service providers that store, process, or transmit customer payment card data to adhere to strict information security controls and processes. Compliance with the PCI Data Security Standard (PCI DSS) is vital for all merchants who accept credit cards, online and offline.
Using PCI DSS standards, server hosting procedures are implemented to ensure a secure environment for credit card processing. The standards are updated by the Council, as needed, to stay up-to-date with new or modified requirements. To be considered PCI DSS compliant, businesses must meet all of the required standards sufficiently.
The Council is responsible for managing the security standards, while compliance with the PCI Security Standards is enforced by the payment card brands. The standards apply to all organizations that store, process, or transmit cardholder data – with guidance for software developers and manufacturers of applications and devices used in those transactions.
GET A FREE QUOTE
To get started the quotation process, please fill out the short form below.