Digital Forensics—Don’t Risk Destroying Digital Evidence
By John Ahearne, Forensic Analyst When data is is needed for use as evidence, it…
USB Restricted Mode and Forensics – Is There a Workaround?
By John Ahearne, Forensic Analyst, and Bob Mehr, Sr. Legal Services Advisor Apple confirmed on…
Daily Journal: E-discovery for lawyers who like paper
Originally published by Daily Journal. Lawyers may earn 1 MCLE credit by visiting Written by Bob…
May 1–2: U.S. Courts CSA IT Conference
San Diego, CA • May 1–2 DriveSavers will be one of only 25 top technology…
Digital Forensic Process—Presentation
By John Ahearne, Forensic Analyst This article is part of a series that delves…
Legal Email Collection
When collecting email evidence for use in litigation, whether it’s criminal or civil in nature,…
Digital Forensic Process—Analysis
By John Ahearne, Forensic Analyst This article is part of a series that delves into…
DVR Examiner User Certification
User Certification Course 3 Day Course December 5-7, 2017 9:00–5:00 DriveSavers, Inc. 400 Bel Marin…
eWeek: Data Recovery Specialist DriveSavers Meets New SSAE 18 Security Standards
Originally published by eWeek. By Chris Preimesberger New standards converge the varying degrees of compliance standards…
Legal Technology Moves Into “IoT” Territory
By Bob Mehr, Sr. Legal Services Advisor Technology is changing today’s legal landscape as courts…
Petya/ExPetr was Data Killer, Not Ransomware
By Michael Hall, Chief Information Security Officer The malware attack that started in Eastern Europe…
Ransomware Takes a New Turn—How WannaCry was Different
By Michael Hall, Chief Information Security Officer Last month, the ransomware known as WannaCry spread…
DriveSavers is the only data recovery service provider in the industry to post proof that it undergoes an annual, company-wide SOC 2 Type II audit to guarantee data security during the data recovery process. With more than 10,000 business partners worldwide serving the financial, healthcare, government and corporate business sectors, it’s absolutely essential for our customers to know that DriveSavers can protect the integrity of their data.
—Michael Hall, CISO, DriveSavers
About the Clifton Larson Allen
LLP SOC 2 Type II Audit
DriveSavers undergoes an annual SOC 2 Type II audit of its internal data hosting and processing controls to guarantee that our data recovery services uphold the stringent data security and privacy protocols mandated by the corporate clients and government agencies we serve. These annual audits are conducted by control-oriented professionals from CliftonLarsonAllen LLP, an independent firm with experience in accounting, auditing and information security. At the end of each annual audit period, a successive six-month “look back” audit begins, and an updated report is generated reflecting the dates for which records were reviewed. The “look back” period is reflected in the dates on the report posted here.
Benefits of Working with
an Audited Data Recovery
Service Provider
By posting proof that DriveSavers undergoes a company-wide audit on an annual basis, it differentiates itself from all other data recovery service providers in the industry today. This audit verifies our qualifications to handle enterprise-class recoveries, and support those customers who must maintain compliance with data privacy and data security regulations such as:
- NIST (National Institute of Standards & Technology) SP 800.34 (Rev.1)
- HIPAA (Health Insurance Portability and Accountability Act)
- FERPA (Family Educational Rights and Privacy Act)
- SOX (Sarbanes-Oxley Act of 2002)
- GLBA (Gramm-Leach-Bliley Act of 1999)
An annual audit guarantees our customers and partners that only authorized data recovery engineers have access to their personal and confidential data. Once the recovery process is complete, data is stored on our secure network until the integrity of the recovered data is verified. Custom solutions are offered for recoveries on encrypted files and drives. Data is protected during transit to and from our facility. Should instant access of the recovered data be required, data is transmitted via a secure FTP site. Secure and permanent data destruction is available upon request.
An annual SOC 2 Type II audit is mandated by many of our data recovery customers:
- Publicly-traded companies who must comply with the Sarbanes-Oxley Act of 2002 through a SOX audit for SOX compliance
- Companies with legally-protected customer information, such as financial institutions
- Businesses that must protect health information (HIPAA)
- Universities with protected student information (FERPA)
- Loan originators and credit rating agencies and their providers (FCRA, GLBA)
- Providers of services involving eCommerce (WebTrust, PCI)
HIPAA Security Compliance
Tested and Trusted
In addition to our annual SOC 2 Type II audit, DriveSavers also undergoes HIPAA security compliance audits conducted by independent third parties. HIPAA security compliance validates our ability to handle protected health information on behalf of healthcare providers, health plans, healthcare clearinghouses and all other HIPAA covered entities in the healthcare industry.