SAS 70 Type II Security : 

A variety of government-compliance regulations that have been created over the past several years — including the standards imposed by the Sarbanes-Oxley Act of 2002 — require many businesses and all U.S. public companies to maintain increased, unremitting vigilance over their internal controls, customer privacy and data security. This need for enhanced oversight also extends to the Web-hosting services such as the ones that businesses use. 

Even if they're not directly subject to compliance regulations, Web-hosting companies must be prepared to deal with their impact. That's because, as they seek new enterprise customers, Web-hosting providers must be able to prove that their internal processes and controls adhere to the strict guidelines that a growing number of their customers must now embrace. The most thorough — and toughest — way of certifying such compliance is to voluntarily undergo an SAS (Statement on Auditing Standards) 70 Type II audit. 

Although an SAS 70 Type II audit is about as pleasant as undergoing a lengthy medical procedure on a sensitive body part without anesthesia, the long-term benefits are substantial. Most importantly, an SAS 70 Type II audit affirms to potential clients that the provider is qualified to handle enterprise-class hosting chores, is serious about its service commitment, and was willing to subject itself to an extensive and unpleasant audit for the benefit of its clients. One drawback of an audit is its length — it's not unusual for an auditor to spend several months analyzing activities, services and processes. Unless managed carefully, the process can also lead to delays and downtime as various systems and procedures are scrupulously inspected and tested. Providers must also consider the projects cost both in terms of up-front expenditures (a CPA auditing service isn't a trivial expense) as well as company efficiency and productivity (staff members will definitely be distracted and stressed during the audit). On the bright side, most of the audit's negative effects are transitory and will quickly vanish after the process has been completed. 

Not all Web-hosting companies need to subject themselves to an SAS 70 Type II audit. Providers that target small businesses, for example, usually have no need to do so. Yet any hosting company that aspires to attract major enterprise customers needs to consider the benefits — and trials — of undergoing an SAS 70 Type II audit. 

SAS 70 Type II compliance signifies the most stringent form of professional examination. An audit based on this level of compliance certifies that a hosting provider has had its control objectives and activities examined by a qualified independent accounting and auditing firm. SAS 70 Type II adherence demonstrates that a provider maintains adequate processes and safeguards when it hosts or processes customer data. 

An SAS 70 Type II audit is a major undertaking for any hosting provider, which has much to gain or lose depending on the audit's outcome. Key areas of analysis include. 

Coester is full compliant with SAS 70 Type II security and has underground servers with 24 hour security that is backed up every night and is under full video surveillance.