DriveSavers Guarantees Data Security Compliance with Updated NIST Guidelines for Controlled Unclassified Information

Leader in data recovery, eDiscovery, digital forensics addresses NIST SP 800-171 guidelines
(Novato, Calif. – August 26, 2016) — DriveSavers, the worldwide leader in data recovery, eDiscovery 和 digital forensic services, announces compliance with the latest NIST regulations designed to protect controlled unclassified information (CUI) outside the government.
Published in 2015, NIST Special Publication 800-171: Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, applies to components of nonfederal information systems and organizations that process, store or transmit CUI, or provide security protection for these components.
“We understand that it’s absolutely essential for our customers to know that DriveSavers can protect the integrity of their data,” explained Michael Hall, chief information security officer at DriveSavers. “Each year, DriveSavers undergoes an annual SOC 2 Type II audit of internal data hosting and process controls to guarantee our data recovery services uphold the stringent data security and privacy protocols mandated by the government agencies we serve. All the guidelines outlined in NIST SP 800-171 are covered by this audit.”
Over the last 30 years, DriveSavers has worked extensively with law enforcement agencies to provide legally defensible investigations and reports, and has experience understanding and interpreting data from all types of digital devices and operating systems. DriveSavers is the only data recovery service provider in the industry to post proof that it undergoes an annual SOC 2 Type II audit, which qualifies their security practices to handle enterprise-class recoveries and support those customers who must maintain compliance with data privacy and data security regulations including:

• NIST (National Institute of Standards & Technology) SP 800-171
• NIST（美國國家標準與技術研究院）SP 800.34（第1版修訂）［美國資訊系統營運持續性標準］
• HIPAA（健康保險可攜性與責任法案）［美國針對健康資料保護的法規］
• FERPA（家庭教育權利與隱私法案）［美國保護學生與家庭教育資料的法律］
• SOX（薩班斯—奧克斯利法案，2002年）［美國針對企業財務透明度與問責的法規］
• GLBA（1999 年 Gramm-Leach-Bliley 法案）［美國金融資訊隱私保護法］

Not only is security compliance essential for enterprise-level multi-drive devices like RAID, NAS and SAN devices, but for all data storage devices. That includes smartphones. “The smartphone ubiquity in today’s world means that they’re increasingly part of government and law enforcement investigations,” explained Rene Novoa, manager of eDiscovery and digital forensics at DriveSavers and vice president of the HTCIA Bay Area Chapter (BAC). “As government agencies look to cyber security and DFIR professionals to help with their investigations, strong security measures are essential.”
On Aug. 30 starting at 1 p.m. at the annual HTCIA International Conference and Training Expo, Novoa will speak on advanced mobile forensics and how to overcome physical challenges with laboratory services. The largest conference for cyber security and DFIR professionals, the HTCIA Conference will be held at the J.W. Marriott Las Vegas from Aug. 28–31.
To learn more about DriveSavers digital forensic expertise, visit booth #306 at the HTCIA Conference.