Yes, but with PCI compliance the powers that be (credit card companies) can actually fine you big bucks for being non-compliant.
http://www.google.com/search?hl=en&source=hp&q=pci+compliance+fines&aq=f&oq=&aqi=g1g-m1 http://www.pcicomplianceguide.org/pcifaqs.php#11 Cheers, Jayfar On Tue, Sep 22, 2009 at 8:17 PM, Jeffrey Lyon <jeffrey.l...@blacklotus.net> wrote: > People buy SAS 70 compliant anything just because it's the latest > buzzword, kind of like PCI compliance. > > Jeff > > On Tue, Sep 22, 2009 at 7:52 PM, John Curran <jcur...@istaff.org> wrote: >> On Sep 22, 2009, at 11:54 AM, Andy Ashley wrote: >>> >>> Hi, >>> >>> I would really appreciate any recommendations for SAS70 Type II compliant >>> colocation providers in Chicago, IL >> >> Andy - >> >> As an FYI, SAS 70 Type II compliance means whatever that provider's "SAS >> 70 Type II" audit document states for controls, i.e. there is no specific >> requirements associated with SAS 70 Type II, only that you publish a >> documented set of management and security controls and then are audited for >> compliance against that list. That may not be realized by the folks who've >> sent you to go get SAS 70 Type II compliant hosting, but is something that >> you probably want to keep in mind since little items like generators and >> door locks aren't necessarily included. >> >> /John >> >> >> > > > > -- > Jeffrey Lyon, Leadership Team > jeffrey.l...@blacklotus.net | http://www.blacklotus.net > Black Lotus Communications of The IRC Company, Inc. > > Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 - > 21 to find out how to "protect your booty." > >
