Skip to content

DriveSavers Guarantees Data Security Compliance with Updated NIST Guidelines for Controlled Unclassified Information

Leader in data recovery, eDiscovery, digital forensics addresses NIST SP 800-171 guidelines
(Novato, Calif. – August 26, 2016) — DriveSavers, the worldwide leader in data recovery, eDiscovery and digital forensic services, announces compliance with the latest NIST regulations designed to protect controlled unclassified information (CUI) outside the government.
Published in 2015, NIST Special Publication 800-171: Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, applies to components of nonfederal information systems and organizations that process, store or transmit CUI, or provide security protection for these components.
“We understand that it’s absolutely essential for our customers to know that DriveSavers can protect the integrity of their data,” explained Michael Hall, chief information security officer at DriveSavers. “Each year, DriveSavers undergoes an annual SOC 2 Type II audit of internal data hosting and process controls to guarantee our data recovery services uphold the stringent data security and privacy protocols mandated by the government agencies we serve. All the guidelines outlined in NIST SP 800-171 are covered by this audit.”
Over the last 30 years, DriveSavers has worked extensively with law enforcement agencies to provide legally defensible investigations and reports, and has experience understanding and interpreting data from all types of digital devices and operating systems. DriveSavers is the only data recovery service provider in the industry to post proof that it undergoes an annual SOC 2 Type II audit, which qualifies their security practices to handle enterprise-class recoveries and support those customers who must maintain compliance with data privacy and data security regulations including:

  • NIST (National Institute of Standards & Technology) SP 800-171
  • NIST (National Institute of Standards & Technology) SP 800.34 (Rev.1)
  • HIPAA (Health Insurance Portability and Accountability Act)
  • FERPA (Family Educational Rights and Privacy Act)
  • SOX (Sarbanes-Oxley Act of 2002)
  • GLBA (Gramm-Leach-Bliley Act of 1999)

Not only is security compliance essential for enterprise-level multi-drive devices like RAID, NAS and SAN devices, but for all data storage devices. That includes smartphones. “The smartphone ubiquity in today’s world means that they’re increasingly part of government and law enforcement investigations,” explained Rene Novoa, manager of eDiscovery and digital forensics at DriveSavers and vice president of the HTCIA Bay Area Chapter (BAC). “As government agencies look to cyber security and DFIR professionals to help with their investigations, strong security measures are essential.”
On Aug. 30 starting at 1 p.m. at the annual HTCIA International Conference and Training Expo, Novoa will speak on advanced mobile forensics and how to overcome physical challenges with laboratory services. The largest conference for cyber security and DFIR professionals, the HTCIA Conference will be held at the J.W. Marriott Las Vegas from Aug. 28–31.
To learn more about DriveSavers digital forensic expertise, visit booth #306 at the HTCIA Conference.

Back To Top