Press Releases

Phoenix NAP Achieves SAS 70 Type II Certification, Retains PCI DSS Validation

March 21
07:50 2011

Web Hosting NewsPhoenix, AZ – Phoenix NAP®, a next generation datacenter and network access point, today announced it is a SAS 70 Type II certified facility, following the completion of a successful audit by independent agency Security and Control LLC.

“Security has always been a major focus for us, and really what the SAS 70 certification is acknowledging is that the policies and control measures we have in place sufficiently meet operational standards,” said Ian McClarty, president of Phoenix NAP. “This is not only a benefit to our facility, it’s a benefit to all of our clients and any potential clients. Rather than initiate a complete security audit of the datacenter on their own, they can save the expense and view our independent report.”

[swfobj src=”×250.swf” width=”300/250″ align=”right”]
SAS 70 is a widely recognized auditing standard developed by the American Institute of Certified Public Accounts (AICPA) that measures service organizations’ controls and safeguards.

Additionally, the datacenter maintains its status as a Payment Card Industry Data Security Standard (PCI DSS) Validated Services Provider after Coalfire Systems, Inc., a Qualified Security Assessor (QSA), completed its independent audit.

“Not many datacenters carry the distinction of a PCI DSS validated services provider, and we are thrilled to be among those that do. Again, this validation ultimately benefits clients, as anyone that needs to meet PCI DSS for their particular operation is able to leverage the physical security measures Phoenix NAP has in place to meet that portion of their own PCI DSS audit,” said McClarty.

A set of both physical and electronic security mandates designed to protect cardholder data and online consumer transactions, PCI DSS requires any business that accepts, stores, or transmits credit card payments or electronic funds to be in compliance.

Phoenix NAP is listed on the Global List of PCI DSS Validated Entities, and as part of the audits to achieve SAS 70 Type II and PCI DSS validation, the datacenter has also been deemed to be HIPAA compliant.

About Phoenix NAP
Phoenix NAP, LLC is a privately held organization of operational, networking and management professionals that have worked in the datacenter and IT fields since the early 1990s. The company employs a unique approach to providing flexible datacenter solutions that are tailored to meet the differing needs of small businesses and large enterprises. For more information, visit the company’s website at

About Security and Control LLC
Security and Control LLC is a Denver-based professional services and licensed Colorado Certified Public Accounting (CPA) firm founded by two veterans of Big4 public accounting firms with a combined 40 years of information technology and accounting experience. SaC is a member firm of the AICPA and the AICPA Private Companies Practice Section (PCPS), principles have also been Internal Audit Directors for three public companies. SaC specializes in providing technology, accounting, and advisory services to companies within regulated industries and has provided SAS70, HIPAA, and Payment Card Industry security and control services for companies worldwide. For information, visit the company’s Web site at

About Coalfire Systems
Coalfire is a leading, independent IT audit and compliance firm that provides information technology (IT) audit, security assessment and compliance management solutions. The company has grown rapidly since it began in 2001 and now completes more than 1,000 projects annually in retail, financial services, healthcare, government and utilities. Coalfire has developed a new generation of technology-enabled IT compliance management tools under the Navis brand. These tools enable Coalfire to efficiently deliver governance, risk and compliance (GRC) services and keep pace with rapidly-changing regulations and best practices. Coalfire’s solutions are adapted to requirements under emerging data privacy legislation, including the PCI Data Security Standard, Gramm-Leach-Bliley Act, HIPAA/HITECH, NERC CIP, Sarbanes-Oxley and FISMA. For more information, please visit

Tired of web hosts who fail in every regard? Check out for a list of tested and approved hosts.

About Author

Providing Web Host News, Discussions, Reviews, Commentary, Interviews and Blog Articles to the FindMyHost, Inc. Network.

Related Articles

Special Offers: