Mozy Completes Certification

Mozy, the online backup service from EMC Corporation, announced it completed a SAS 70 (Statement on Auditing Standards No. 70: Service Organizations) Type II audit and received 27001 certification by the International Organization for Standardization (ISO).

In combination, these validations of Mozy’s standards for security demonstrate the level of protection that business and consumer data receive as part of Mozy’s backup services, setting apart Mozy’s services from some other online backup vendors.

"We keep very sensitive data on our network, and when we risk-assess which vendors are safe to work with, these audits and certifications are high up on the list," said customer Rick Razum, Vice President of Information Technology of The State Bank of Geneva. "I do realize it’s a long, thorough and expensive process to go through a SAS 70 Type II audit, and for those reasons most companies don’t do it. So it means that much more to us that Mozy would pursue this. It gives us one more reason to justify our using MozyPro to back up our computers and servers for years to come."

SAS 70 is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). SAS 70 verifies a service organization has been through an in-depth audit of its control objectives and control activities.

ISO 27001 certification is an international standard for measuring information security management systems. It sets out requirements and best practices for a systematic approach to managing company and customer information based on periodic risk assessments appropriate to changing threat scenarios.

"Data center audits and certifications are terrific stamps of approval for online backup providers, and customers should understand the significance of the SAS 70 Type II audit in particular," said David A. Chapa, Senior Analyst, Enterprise Strategy Group. "Type I is limited to only an auditor’s opinion on the provider’s description of its processes and controls, whereas a Type II audit, which is what Mozy has been awarded, includes an actual physical inspection of the operation over a period of time. Think of the completion of the audit as a black belt in karate, with the depth of the audit as one of the 10 degrees in the ranking. These are significant achievements for Mozy."

"The ISO 27001 certification and successful completion of the SAS 70 Type II audit proves our dedication and commitment to protecting our customers’ data by making sure our own operations are safe and secure," said Charlotte Yarkoni, Chief Operating Officer of Mozy. "We’re not just asking you to take our word for it, as the ISO certification and SAS 70 Type II audit are third party confirmations of the high standards we hold ourselves to in providing the safest, most reliable online backup service on the planet."