Skip to content

Press Release: DriveSavers Meets New SSAE 18 Security Standards

Leader in data recovery, eDiscovery, digital forensics addresses SSAE 18 SOC2 Type II guidelines.
DriveSavers, the worldwide leader in data recovery, eDiscovery and digital forensics, announces compliance with new data security requirements added to Standards Organization Controls (SOC) 1 and 2.
The American Institute of Certified Public Accountants (AICPA) recently enacted updated attestation standards for SOC 1 and 2. As of May 1, 2017, all service organizations who wish to certify as maintaining security measures compliant with these protocols must pass Statement on Standards for Attestation Engagements (SSAE) No. 18, otherwise known as SSAE 18, rather than the previous standard, SSAE 16.
The new standards are meant to converge the varying degrees of compliance standards that previously existed and bring all U.S. standards up to international standards of compliance. New requirements by these regulations are practices that DriveSavers has already been adhering to for several years, including regular risk assessment and detailed reporting of the security practices of third-party services used by the company. DriveSavers already meets international data security protocols such as the Privacy Shield Framework and organizational data security protocols such as those for financial, legal, corporate and healthcare industries, including HIPAA, GLBA, FERPA, SOX and others.
“It’s absolutely essential that we protect the integrity of our customers’ data,” explained Michael Hall, chief information security officer at DriveSavers. “Each year, DriveSavers undergoes a company-wide SOC 2 Type II audit of internal data hosting and process controls to guarantee our data recovery services uphold the stringent data security and privacy protocols mandated by the corporate clients and government agencies we serve. Our most recent audit included the updated SSAE 18 standards, and DriveSavers passed with flying colors.”
Not only is security compliance essential for enterprise-level multi-drive devices like RAID, NAS and SAN devices, but for all data storage devices. That includes smartphones.
“The smartphone ubiquity in today’s world means that they’re increasingly part of government and law enforcement investigations,” explained Rene Novoa, manager of eDiscovery and digital forensics at DriveSavers and vice president of the HTCIA Bay Area Chapter (BAC). “As government agencies look to cyber security and DFIR professionals to help with their investigations, strong security measures are essential.”
Over the last 32 years, DriveSavers has worked extensively with law enforcement agencies to provide legally defensible investigations and reports, and has experience understanding and interpreting data from all types of digital devices and operating systems. DriveSavers is the only data recovery service provider in the industry to post proof that it undergoes an annual SOC 2 Type II audit, which qualifies their security practices to handle enterprise-class recoveries and support those customers who must maintain compliance with data privacy and data security regulations including:

  • NIST (National Institute of Standards & Technology) SP 800-171
  • NIST (National Institute of Standards & Technology) SP 800.34 (Rev.1)
  • HIPAA (Health Insurance Portability and Accountability Act)
  • FERPA (Family Educational Rights and Privacy Act)
  • SOX (Sarbanes-Oxley Act of 2002)
  • GLBA (Gramm-Leach-Bliley Act of 1999)

About DriveSavers Data Recovery

With over 30 years of award-winning success, DriveSavers is the worldwide leader in data recovery, providing the fastest, most reliable and certified secure data recovery, eDiscovery and digital forensic services in the industry. All of the company’s services meet security protocols for financial, legal, corporate and healthcare industries.
DriveSavers retrieves critical files from all types of data storage media, including solid state drives (SSDs), hard disk drives (HDDs), smartphones, camera cards and enterprise-level devices such as RAID, NAS and SAN. The company handles all kinds of data loss situations, including mechanical failure, physical, water and fire damage, data corruption, file deletions and more.
All leading manufacturers authorize DriveSavers to open sealed drive mechanisms without voiding the original warranty, including Intel, Toshiba, OCZ, OWC, SanDisk, Apple, Western Digital, Patriot, Plextor, LiteOn, Dell, Sony, Microsemi, Avid, Buffalo, Drobo, Broadcom, Overland, Promise, QNAP, ATTO, Dot Hill, CiDesign, ioSafe, NetApp, Thecus, HGST, ADATA, Kingston, VMWare and more.
Customers include Bank of America, Google, Lucasfilm, NASA, Harvard University, St. Jude Children’s Research Hospital, U.S. Army and Sandia National Laboratories.

Back To Top