Cervalis undergoes annual SSAE 16 audits and maintains Cybertrust Certification.
Cybertrust certification demonstrates that our operational processes and controls meet superior standards of security, reliability
and availability—an assurance that our clients can pass on to their own customers.
We are also proud to be a member of the Cisco Powered Network Program.
 Standards for Attestation Engagements No. 16 (SSAE 16)
Cervalis undergoes annual SSAE 16 audits. Third party auditors conduct the audit, which requires meticulous reviews and tests
of Cervalis' operational procedures and controls.
The SSAE 16 audit included comprehensive reviews and tests of Cervalis'
infrastructure, including power, physical and electronic security measures, backup
and recovery procedures, customer setup, network security, maintenance procedures,
infrastructure change management, environmental safeguards, communications, customer
service, management and user controls and insurance coverage.
SSAE 16 was developed by the American Institute of Certified Public Accountants
(AICPA) for service providers that wish to demonstrate a high level of control
effectiveness to independent auditors. It has become one of the most widely recognized
auditing standards for service companies.
 Cybertrust
For several consecutive years, Cervalis has received the highly demanding Cybertrust
Service (formerly known as TruSecure) Provider security assurance certification. Cybertrust Corporation is the
leading provider of intelligent risk management products and services, and its
certification is the de facto standard for secure IT and Internet operations.
Cybertrust’s Risk Management Program is an industry-recognized risk
reduction methodology that addresses all aspects of information security,
from network and system vulnerability analysis to physical and policy evaluation.
The certification tests are performed regularly, and companies must meet
all of the standards outlined
by Cybertrust order to maintain certification.
Under the program, Cervalis works with Cybertrust to regularly assess the company’s
overall security strategy with regard to its operations environment. The assessment
covers six categories of risk: privacy, electronic threats and vulnerabilities,
malicious code, physical security, human factors and downtime issues.
The goal of the Cybertrust Risk Management Program is to verify and implement
effective security controls at every point within Cervalis’ network infrastructure,
and then check them on an ongoing basis to ensure they are continuously met.
Evaluation procedures under the Cybertrust program include:
•
Repeated external and internal network scanning of the critical devices
in Cervalis’ network
• Network configuration reviews
•
Onsite inspections of Cervalis’ physical environment, including susceptibility
to theft, and Cervalis’ perimeter physical defenses, such as gates, locks,
surveillance devices and alarms
• Reviews of information security policies and procedures
 Cisco Powered Network Program
Cervalis’ network is based on Cisco products and services, ensuring our
clients the highest levels of availability and reliability. We are honored to
be a member of the Cisco
Powered Network Program, which recognizes providers that maintain industry leading
levels of network quality. Cisco established the
program in 1997 to help businesses find high-quality, reliable service providers.
|
