BEDFORD, Mass., Dec. 21, 2009 (GLOBE NEWSWIRE) -- SoundBite Communications, Inc. (Nasdaq:SDBT), a leading provider of on-demand, multi-channel proactive customer communications, today announced that it recently received an unqualified opinion in a Statement on Auditing Standards No. 70 (SAS 70) Type II auditor's report and that it has been certified as a Level 1 Service Provider compliant with the Payment Card Industry (PCI) Data Security Standard. This is the third consecutive year that SoundBite has been PCI certified. These rigorous compliance measures demonstrate the integrity of SoundBite's internal controls, processes and technology for protecting its clients' data.
"In concert with a best practice information security program, compliance with industry standards and regulations is a critical element of SoundBite's proactive customer communications offering," said John Nye, Senior Manager of Compliance and Information Security at SoundBite Communications. "Compliance with rigorous standards and undergoing audits by approved third parties help assure SoundBite's clients that their data will be protected when they use our solutions."
The PCI Data Security Standard mandates a set of comprehensive requirements for protecting payment account data, including requirements for infrastructure security, authentication, data security, physical security, and security policy. PCI auditors and clients conduct vulnerability and penetration tests at a network, application, physical and policy level. PCI compliance is critical for service providers working with financial institutions, credit card issuers and retailers. SoundBite's annual compliance with the industry standard is essential for many of the proactive customer communications campaigns it develops and implements on behalf of its clients, including fully-automated payment transactions and payment authorizations.
A SAS 70 auditor's report is based on an in-depth audit of internal and external control activities. SoundBite obtains an annual SAS 70 auditor's report to help assure clients that SoundBite has practices in place to protect the clients' data. A Type II report contains an opinion not only on a company's description and design of controls, but also on the effectiveness of the controls in providing reasonable assurance that control objectives were met. The opinion as to control effectiveness is based on detailed testing of controls by an external auditor over a period of at least six months.
SoundBite conducts regular security assessments using its internal security team in addition to engaging external auditors. It also complies with the U.S. Department of Commerce Safe Harbor program, which allows European companies to send SoundBite information via the Internet with the assurance that the privacy of the data will be protected consistent with the standards of EU data-protection laws. For more information about SoundBite's security and compliance practices visit http://www.soundbite.com/technology/security.
About SoundBite Communications
SoundBite Communications is a leading provider of on-demand, multi-channel proactive customer communications solutions designed to transform the way organizations communicate throughout the customer lifecycle to build trusted, lifelong and profitable relationships. Clients can leverage SoundBite's proactive customer communications offering and expertise in designing, executing and optimizing communications strategies to engage in relevant customer interactions that deliver long-term business value. Visit SoundBite.com for more information.
SoundBite is a registered service mark of SoundBite Communications, Inc.
(SDBT-G)