Enterprise customers who focus on SAS-70 vendors realize that not all SAS-70 certifications are the same.  AssureSign, like some other electronic signature vendors, provides customers with the security of running their cloud-based, or SaaS, offering in a SAS-70 Type II environment.  However, other signature vendors merely host their application on other systems, located in someone else’s SAS-70 data center.  That’s great, they are SAS-70 Type II, but there is more to SAS-70 Type II certification than outsourcing your data center.  Which is why AssureSign runs our own Tier 4 (highest possible type) SAS-70 Type II data center.

AssureSign takes it to the next level.  First, we have explicit control over uptime – our own enterprise class, fully redundant (also geo-redundant) in-house data center is SAS-70 Type II certified, offering a Tier 1 level of reliability, providing our customers 99.994% uptime over the last 4 years!  Secondly, we take it to the next level with enterprise-wide SAS-70 Type II certification.

Obtaining enterprise-wide SAS-70 Type II certification means that ALL aspects of AssureSign have a specifically defined tested process and we’re audited annually to assure we adhere to those processes.   This certification includes all internal processes and systems such as software/code development, quality assurance, soft releases, human resources and billing.  Just as important are all customer facing processes such as sales, training and customer support.  The all-encompassing certification means that the way we develop our industry-leading applications and deploy them on our owned and controlled servers while supporting them in certified processes ensures the best possible level of service.

This is important to us and should be more important to our customers.   In order to provide a true enterprise-class SaaS offering, all aspects of the business need to operate in an enterprise class environment at all levels.  This is certainly exemplified by our ever-expanding enterprise-level customer base, who see the value in enterprise-wide SAS-70 Type II certification and, more importantly, understand and appreciate the difference between AssureSign and any other electronic signature vendor.

AssureSign and sister company 3PV have over 10 years of experience in providing SaaS applications, having processed 30 million transactions and over 100 million unique ‘signature events’ and we will continue to lead the field in enterprise class offerings in products, features and customer support.

Rigorous Certification Reaffirms AssureSign’s High Quality Operational Standards and Controls

AssureSign LLC, a leader in electronic signature technology, today announced that it has successfully completed an enterprise-wide Statement on Auditing Standards No. 70 (SAS-70) Type II audit, which assesses the operational effectiveness of internal controls within service organizations. The audit provides assurance that AssureSign employs uniform and reliable operational controls to safeguard customer data, meeting the strictest industry standard. AssureSign completed the SAS-70 Type I audit in June 2009.

The SAS-70 Type II certification designates that adequate controls and safeguards are in place and operating effectively in regards to customer data that is hosted or processed by AssureSign. These high quality operations are required today by all industries, particularly by organizations that deal with financial transactions or critical data.

The SAS-70 audit, issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA), defines the professional standards used by a service auditor to assess the internal controls of a service organization. It was developed for service providers who wish to demonstrate the establishment of effectively designed control objectives and control activities, and has become one of the most widely recognized auditing standards for service organizations.

The scope of AssureSign’s SAS-70 audit is not exclusive to its world-class, mission critical data center; it incorporates controls from every aspect of AssureSign’s operational process including: human resources, information technology physical security, information technology logical security, client provisioning and account maintenance, accuracy and timeliness of transaction processing, application development, testing and change management, and statutory compliance.

“Achieving SAS-70 compliance demonstrates AssureSign’s commitment to delivering value to our customers and exceeding their expectations. As a hosted services provider, it’s essential for our customers to have effective controls, standards and infrastructure in place to completely protect their data,” said Steven Cardillo, AssureSign’s chief financial officer. “We feel strongly that our processes and transactions fall under the same scrutiny. It is very important that our clients feel that we have their best interest in mind.”

“It’s important to AssureSign’s customers that we have safeguards in place to protect the security, privacy and sensitivity of their data, and completing an enterprise-wide SAS-70 Type II audit provides further validation and assurance of that,” said David Brinkman, AssureSign’s chief executive officer. “We are proud of this very significant investment in time and resources and know it significantly sets us apart from our peers and competitors.” 

It feels great to be known as leader and innovator.  It feels even better, and it’s very flattering, that our competitors have replicated some of our popular features this year.  With ground-breaking firsts including biometric signature capture with a mouse, data collection in the signing process, the ability to completely embed electronic signatures in existing applications with 100% customer branding (no receiving emails from some unknown or unexpected source) and the ability to sign remotely and in-person, we are very excited to offer the next game-changing offering with AssureSign Verbal Agreements.

Customer acquisition – getting the contract signed faster – is one of the greatest benefits recognized by electronic signature users.  With new verbal agreements, you can speed that up even more – no waiting for emails to arrive, waiting for the customer to open and sign, you can now secure their verbal agreement while you still have them on the phone – it simply could not be faster than that!

Using the latest in speech recognition software and systems, AssureSign customers can now capture a legally binding, ESIGN and UETA compliant, verbal agreement with just a click of the mouse.  The company representative simply makes the request from their desktop, dials an 800-number and creates a conference with the AssureSign system and their customer.  By answering a few simple identification and compliance questions, a signatory can agree to terms and conditions and sign verbally.  The recording of this agreement, in its entirety, is captured, stored and retrieved in the same way as a written agreement that is electronically signed.

Customers can also secure a verbal agreement or commitment and follow-up with a traditional written agreement that is electronically signed.  Serenity Insurance has been doing this combination since 2006 and has increased their policy close rates by 65%!

You are probably asking, “Is this for real?”  Well, of course it is!  With more than 26 million written and verbal agreements to-date, AssureSign remains the industry thought leader and innovator and the ONLY electronic signature vendor to be enterprise-wide SAS 70 certified (not just our data center)!

The game has changed again – and we can’t wait to show you our new verbal agreements.  Contact us today to schedule a demonstration or come see us at Dreamforce 2009!

Rigorous Certification Reaffirms AssureSign’s High Quality Operational Standards and Controls

AssureSign LLC, a leader in electronic signature technology, today announced its successful completion of an enterprise-wide SAS-70 Type I audit, demonstrating AssureSign’s commitment to safeguarding customer data by meeting the strictest industry standard.

The SAS-70 Type I certification designates that adequate controls and safeguards are in place and operating effectively in regards to customer data that is hosted or processed by AssureSign. These high quality operations are required today by all industries, particularly by organizations that deal with financial transactions or critical data.

The SAS-70 audit, issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA), defines the professional standards used by a service auditor to assess the internal controls of a service organization. It was developed for service providers who wish to demonstrate the establishment of effectively designed control objectives and control activities, and has become one of the most widely recognized auditing standards for service organizations.

The scope of AssureSign’s SAS-70 audit is not exclusive to its world-class, mission critical data center; it incorporates controls from every aspect of AssureSign’s operational process including: human resources, information technology physical security, information technology logical security, client provisioning and account maintenance, accuracy and timeliness of transaction processing, application development, testing and change management, and statutory compliance.

“Achieving SAS-70 compliance demonstrates our commitment to protecting our customers’ sensitive data,” said David Brinkman, AssureSign’s chief executive officer. “AssureSign customers can feel confident regarding the controls that we maintain, ensuring the security of customer data and providing the highest level of integrity.  We are proud of this very significant investment in time and resources and know it significantly sets us apart from our peers and competitors.”  

Ongoing SAS-70 auditing will continue to reassess and improve AssureSign’s security and compliance best practices. SAS-70 Type II certification is expected to be completed in early 2010.

“The SAS-70 audit is the definitive overview by which a service provider can validate its operating effectiveness,” said Steven Cardillo, AssureSign’s chief financial officer. “Earning Type II certification of our services facilities will illustrate our dedication to the highest standards of service for our customers.”

AssureSign LLC, a leader in electronic signature technology, officially unveiled the latest release of its AssureSign product, AssureSign v2.0.3. With this new release, AssureSign delivers a higher degree of security and compliance.

AssureSign is a web-hosted service that facilitates the managed processing of documents in an all-digital, highly secure, mission critical, environment. The primary focus of the latest release is the addition of security features to enhance AssureSign’s ability to match the enterprise-level security requirements mandatory for compliance by companies in financial services, healthcare, and numerous other industries.  New features include account security settings regarding password strength, re-use, expiration and lockout, as well as the ability to require personal X.509 certificates for document signers.

To further the goal of meeting clients’ regulatory requirements, AssureSign formalized a HIPAA Compliance Plan in January 2009. The HIPAA Privacy Rule protects the privacy of individually identifiable health information, and patient confidentiality. All customer care staff, software engineers and information technology department staff have completed HIPAA privacy and security training. This move to address Electronic Protected Health Information illustrates AssureSign’s commitment to addressing the needs of specific industries with regard to security.

AssureSign is also in the process of earning an enterprise-wide SAS 70 certification. A SAS 70 certification represents that a service organization has been through an in-depth audit of their control objectives and control activities, including controls over information technology and related processes. SAS 70 certification demonstrates that a service organization has adequate controls and safeguards when hosting or processing data belonging to customers.  Type 1 certification will be completed in the second quarter of 2009, and Type  2 certification is expected near the end of the year.

“Our SAS 70 initiative is focused on the entire range of services, infrastructure, processes and back office systems used to deliver the AssureSign solution to our customers.  This differentiates us from those who simply state that their servers are located elsewhere in a SAS 70 data center.   If you understand what SAS 70 means, you understand the difference, “ said David W. Brinkman, AssureSign’s Chief Executive Officer. “With the release of our enhanced security version and the various measures we’ve taken to ensure we remain compliant, AssureSign now offers unparalleled security, further enhancing our electronic signature technology. And since AssureSign is a Software-as-a-Service (SaaS) application, existing customers can immediately have this new functionality without having to upgrade any software on their system.”