- Solutions
- Platform
- Industries
- Partners
- Resources
- About Us
SoundBite Communications Confirms Integrity of Data Security Practices
TMCNet
SoundBite Communications, Inc., a provider of on-demand, multi-channel proactive customer communications, announced that it recently received an unqualified opinion in a Statement on Auditing Standards No. 70, or "SAS 70,” Type II auditor's report. Also, it has been certified as a Level 1 Service Provider compliant with the Payment Card Industry, or “PCI,” Data Security Standard.
This is the third consecutive year for SoundBite to be PCI certified. These compliance measures demonstrate the integrity of SoundBite's internal controls, processes and technology for protecting its clients' data.
“In concert with a best practice information security program, compliance with industry standards and regulations is a critical element of SoundBite's proactive customer communications offering,” John Nye, senior manager of Compliance and Information Security at SoundBite Communications, said.
“Compliance with rigorous standards and undergoing audits by approved third parties help assure SoundBite's clients that their data will be protected when they use our solutions,” Nye added.
The PCI Data Security Standard mandates a set of comprehensive requirements for protecting payment account data, including requirements for infrastructure security, authentication, data security, physical security, and security policy. PCI auditors and clients conduct vulnerability and penetration tests at a network, application, physical and policy level.
SoundBite's annual compliance with the industry standard is required for many of the customer communications campaigns it implements for its clients, including fully-automated payment transactions and payment authorizations.
A SAS 70 auditor's report is based on an audit of internal and external control activities. SoundBite obtains an annual SAS 70 auditor's report to help assure clients. A Type II report contains detail on a company's description, design of controls, and effectiveness of the controls in providing reasonable assurance that control objectives were met.
SoundBite conducts regular security assessments by its internal security team and external auditors. It also complies with the U.S. Department of Commerce Safe Harbor program, which allows European companies to send SoundBite information via the Internet with the assurance that the privacy of the data will be protected consistent with the standards of EU data-protection laws.
