SSAE No. 16 compliant (formerly SAS70)?

We colocate out of different datacenters. To the best of my knowledge, these certifications are obtained by the facilities themselves (if they choose to do so). You can open a support ticket to inquire about a specific facility.

-Tim

If an SSAE 16 assessment is a requirement for your client, you probably shouldn't be looking at budget VPSs.

@OverlordQ:

If an SSAE 16 assessment is a requirement for your client, you probably shouldn't be looking at budget VPSs.

What gave you the impression that Linode offered budget VPSes?

Because that's what I would consider their offerings given their resource limits and price points?

I'm not implying any sort of quality level, I'm saying any place that will attach SSAE 16/SAS 70/HIPPA reviewed/assessed/compliant stickers on their offerings are going to also cost you about ten times more then what Linode charges.

I know Linode has expanded quite a bit over the last 8 years, but I dont imagine they really have the time and money to go through a 6-12 month audit every year.

Our company (for my day job) is compliant, and yeah, it's a constant pain. But the customers require it.

For those who aren't aware, SAS70 (or now SSAE16) isn't about providing standards that you must adhere to, it's more a certification that your company is following its own policies/controls, that those controls are effective at accomplishing what they're supposed to, that sort of thing.

If you say that you will do X, and that that will be ensured by doing Y, they will audit that you are in fact doing X, and that Y is sufficient to ensure X, etc.

Who performs these audits?