nanog mailing list archives

Re: SAS70 Type II compliant colo providers - Chicago, IL

From: Jeffrey Lyon <jeffrey.lyon () blacklotus net>
Date: Tue, 22 Sep 2009 20:53:55 -0400

Most of our customers just make up their own definition of PCI and
then demand that we help them adhere to it.

Jeff

On Tue, Sep 22, 2009 at 8:50 PM, Jay Farrell <jayfar () jayfar com> wrote:

Yes, but with PCI compliance the powers that be (credit card
companies) can actually fine you big bucks for being non-compliant.

http://www.google.com/search?hl=en&source=hp&q=pci+compliance+fines&aq=f&oq=&aqi=g1g-m1

http://www.pcicomplianceguide.org/pcifaqs.php#11

Cheers,
Jayfar

On Tue, Sep 22, 2009 at 8:17 PM, Jeffrey Lyon
<jeffrey.lyon () blacklotus net> wrote:

People buy SAS 70 compliant anything just because it's the latest
buzzword, kind of like PCI compliance.

Jeff

On Tue, Sep 22, 2009 at 7:52 PM, John Curran <jcurran () istaff org> wrote:

On Sep 22, 2009, at 11:54 AM, Andy Ashley wrote:


Hi,

I would really appreciate any recommendations for SAS70 Type II compliant
colocation providers in Chicago, IL


Andy -

  As an FYI, SAS 70 Type II compliance means whatever that provider's "SAS
70 Type II" audit document states for controls, i.e. there is no specific
requirements associated with SAS 70 Type II, only that you publish a
documented set of management and security controls and then are audited for
compliance against that list.  That may not be realized by the folks who've
sent you to go get SAS 70 Type II compliant hosting, but is something that
you probably want to keep in mind since little items like generators and
door locks aren't necessarily included.

/John




--
Jeffrey Lyon, Leadership Team
jeffrey.lyon () blacklotus net | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.

Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 -
21 to find out how to "protect your booty."




-- 
Jeffrey Lyon, Leadership Team
jeffrey.lyon () blacklotus net | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.

Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 -
21 to find out how to "protect your booty."

Current thread:

SAS70 Type II compliant colo providers - Chicago, IL Andy Ashley (Sep 22)
- Re: SAS70 Type II compliant colo providers - Chicago, IL John Curran (Sep 22)
  - Re: SAS70 Type II compliant colo providers - Chicago, IL Jeffrey Lyon (Sep 22)
    - Re: SAS70 Type II compliant colo providers - Chicago, IL Jay Farrell (Sep 22)
    - Re: SAS70 Type II compliant colo providers - Chicago, IL Jeffrey Lyon (Sep 22)
    - Re: SAS70 Type II compliant colo providers - Chicago, IL Charles Mills (Sep 22)
    - Re: SAS70 Type II compliant colo providers - Chicago, IL Christopher Morrow (Sep 22)
- Re: SAS70 Type II compliant colo providers - Chicago, IL Andy Ashley (Sep 23)