SSAE-16 (replaced SAS-70) is not a certification for the 'service' being delivered, it is more of a Certification of Processes etc followed by the Organization offering the service.
https://www.ssae-16.com/ssae-16/the-ssae16-auditing-standard/ Regards Faisal Imtiaz Snappy Internet & Telecom 7266 SW 48 Street Miami, FL 33155 Tel: 305 663 5518 x 232 Help-desk: (305)663-5518 Option 2 or Email: [email protected] ----- Original Message ----- > From: "Matt Hoppes" <[email protected]> > To: [email protected], [email protected] > Cc: "Principal WISPA Member List" <[email protected]> > Sent: Tuesday, June 30, 2015 3:14:54 PM > Subject: Re: [WISPA Members] [AFMUG] Banks & Law Enforcement over Wireless > > How exactly is a copper phone line SSAE-16 certified? > > > Matt Hoppes > Director of Information Technology > Indigo Wireless > +1 (570) 723-7312 > > On 6/30/15 3:08 PM, Faisal Imtiaz wrote: > >>>The bank for example is moving from hosting on-site and going to the cloud > >>>so they'll no longer store any user data at their branch but someone else > >>>hosts it. > > > > This is a bit of a sticky wicket..... let me see if I can try to explain > > it.. > > > > If and when the Bank goes thru a Security Test / Audit, they are going > > to need SSAE-16 certification from all of their 'transport' providers. > > > > If you are providing them with an Internet Connection, and they can do > > what they please, then it becomes their problem. However if and when the > > Auditors ask for the SSAE-16 cert, and it becomes a must for the bank to > > have it, then you will loose... (SSAE-16 cert is not simple, easy nor > > in-expensive to get). > > > > As for Law Enforcement agencies, I don't have much info on what they > > require. > > > > Your Mileage may vary. > > > > > > Faisal Imtiaz > > Snappy Internet & Telecom > > 7266 SW 48 Street > > Miami, FL 33155 > > Tel: 305 663 5518 x 232 > > > > Help-desk: (305)663-5518 Option 2 or Email: [email protected] > > > > ------------------------------------------------------------------------ > > > > *From: *"Darin Steffl" <[email protected]> > > *To: *[email protected], [email protected], "Principal WISPA Member List" > > <[email protected]> > > *Sent: *Tuesday, June 30, 2015 2:39:00 PM > > *Subject: *[AFMUG] Banks & Law Enforcement over Wireless > > > > Hey guys, > > > > We're working with some local banks and law enforcement agencies to > > provide internet service to them and understandably, they're asking > > about security and if our fixed wireless service is secure enough > > for their service. > > > > I usually respond saying we use hardware encryption (WPA2-AES) on > > all our links but that their data also runs over SSL or some type of > > encrypted tunnel between their devices and their servers. The bank > > for example is moving from hosting on-site and going to the cloud so > > they'll no longer store any user data at their branch but someone > > else hosts it. I'm sure they have an encrypted tunnel of some sort > > to protect their data so the medium whether fiber or wireless really > > shouldn't matter. > > > > Has anyone dealt with banks or law enforcement agencies on the > > "Wireless" security issue and have any resources to provide them > > with a satisfactory answer? > > > > Thank you > > > > -- > > Darin Steffl > > Minnesota WiFi > > www.mnwifi.com <http://www.mnwifi.com/> > > 507-634-WiFi > > <http://www.facebook.com/minnesotawifi> Like us on Facebook > > <http://www.facebook.com/minnesotawifi> > > > > > > > > > > _______________________________________________ > > Members mailing list > > [email protected] > > http://lists.wispa.org/mailman/listinfo/members > > > _______________________________________________ > Members mailing list > [email protected] > http://lists.wispa.org/mailman/listinfo/members >
