Equinix Announces SSAE 16 Standards Compliance for 39 Data Centers in North America
Redwood City, CA - 2 February 2012
Rigorous third-party review validates Equinix’s commitment to providing the highest levels of security and environmental controls to its data center customers
Equinix, Inc. (Nasdaq: EQIX), a provider of global data center services, today announced that 39 of its North American data centers have achieved Statement on Standards for Attestation Engagements (SSAE) No. 16 Type II standards compliance. Assessed by auditors from Deloitte & Touche and Brightline, this certification demonstrates Equinix’s commitment to the highest standards of operational excellence for its 4,000 customers around the world.
The audits, which were conducted at Equinix’s International Business Exchange™ (IBX®) data centers, determined that 39 of these sites meet or surpass SSAE16 standards for physical security and environmental controls, many for the third consecutive year. The certification is of particular importance to Equinix’s financial services customers, for which SSAE16 compliance is often a requirement. This announcement comes on the heels of Equinix achieving greater than ‘six nines’ of availability (99.9999%) across its North American IBX facilities in 2011.
“To achieve SSAE16 compliance across such a large number of facilities is a tremendous accomplishment for Equinix. We understand that for our customers, knowing Equinix’s facilities have the highest levels of security and controls is critical, and this certification confirms it for them,” said Sam Kapoor, chief operating officer, Equinix Americas.
SSAE No. 16 is a new reporting standard for services organizations put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA). SSAE16, which replaces Statement on Auditing Standards No. 70 (SAS70), addresses engagements undertaken by a service auditor for reporting on controls at service organizations (e.g., data center providers) that provide services to user entities, for which a service organization’s controls are likely to be relevant to a user entity’s internal control over financial reporting (ICFR).