Mozy Completes Successful SAS 70 Type II Audit and ISO 27001 Certification
Additional Controls Ensure Secure, Quality Processes for Mozy, Setting Company Apart From Other Online Backup Providers
SEATTLE – April 14, 2011 – Mozy™, the industry-leading online backup service from EMC Corporation (NYSE: EMC), today announced it successfully completed a SAS 70 (Statement on Auditing Standards No. 70: Service Organizations) Type II audit and received 27001 certification by the International Organization for Standardization (ISO). In combination, these validations of Mozy's standards for security demonstrate the level of protection that business and consumer data receive as part of Mozy's backup services, further setting apart Mozy's services from those of other online backup vendors.
"We keep very sensitive data on our network, and when we risk-assess which vendors are safe to work with, these audits and certifications are high up on the list," said customer Rick Razum, Vice President of Information Technology of The State Bank of Geneva. "I do realize it's a long, thorough and expensive process to go through a SAS 70 Type II audit, and for those reasons most companies don't do it. So it means that much more to us that Mozy would pursue this. It gives us one more reason to justify our using MozyPro® to back up our computers and servers for years to come."
SAS 70 is a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). SAS 70 verifies a service organization has been through an in-depth audit of its control objectives and control activities.
ISO 27001 certification is the leading international standard for measuring information security management systems. It sets out requirements and best practices for a systematic approach to managing company and customer information based on periodic risk assessments appropriate to ever-changing threat scenarios. By achieving this certification, Mozy shows its commitment to its client information and its preparation to face the growing threats to digital information.
"Data center audits and certifications are terrific stamps of approval for online backup providers, and customers should understand the significance of the SAS 70 Type II audit in particular," said David A. Chapa, Senior Analyst, Enterprise Strategy Group. "Type I is limited to only an auditor's opinion on the provider's description of its processes and controls, whereas a Type II audit, which is what Mozy has been awarded, includes an actual physical inspection of the operation over a period of time. Think of the completion of the audit as a black belt in karate, with the depth of the audit as one of the 10 degrees in the ranking. These are significant achievements for Mozy."
"The ISO 27001 certification and successful completion of the SAS 70 Type II audit proves our dedication and commitment to protecting our customers' data by making sure our own operations are safe and secure," said Charlotte Yarkoni, Chief Operating Officer of Mozy. "We're not just asking you to take our word for it, as the ISO certification and SAS 70 Type II audit are third party confirmations of the high standards we hold ourselves to in providing the safest, most reliable online backup service on the planet.”