SiteVision Certified As SOC 1 SSAE 16 Type II Compliant

AICPA Roanoke, VA October 30, 2014:  Following a robust, third-party audit, SiteVision Inc., a Virginia-based web hosting and development firm, has been certified as SOC 1 SSAE 16 Type II compliant.  The compliance standards developed by AICPA (American Institute of Certified Public Accountants) are a rigorous assessment process that audit internal controls with regard to security, trust, service and processing protocols.

The audit covered a wide swath of company controls that included administration, human resources, management, development, hosting, security policies, procedures and practices, as well as training and contracting.

Patrick Maddox, President, noted that SiteVision’s investment in the external audit represents “our total dedication to meet and exceed both our internal commitment to excellence and that of customer expectations.   While all customers benefit from such compliance, those with sensitive requirements can feel confident that SiteVision has been assessed as compliant with these important industry standards.  They can outsource areas like web hosting, cloud and co-location services knowing that we already meet SSAE 16 requirements.”

The auditing firm added: “Congratulations are in order as SiteVision has received a favorable opinion on the design and operating effectiveness of your control environment. This is a significant accomplishment and is an indication of the sound control environment you’ve established. . .”

“You have been a very responsive and professional client to work with and we absolutely appreciate all your efforts. We realize the audit process has been a major undertaking and we hope the process itself and the results of the audit prove to be beneficial going forward” (Jack Moore, CPA CITP President The Moore Group, CPA LLC)

SSAE 16 is an enhancement to the current standard for Reporting on Controls at a Service Organization, the SAS70. Among refinements to SAS70, the changes made bring US companies current with new international service organization reporting standards, the ISAE 3402.

While a Type I audit tests internal controls at a specific point in time, a Type II is time-based auditing that provides results of extensive testing over a defined period of time (at least 6 months) to determine how effectively the processes and controls are achieved.  The SOC 1 Report (Service Organization Controls Report) is a secondary report relevant to internal controls over financial reporting.

SiteVision, Inc. was found compliant with both SOC 1 and SAE 16 Type II standards.

SiteVision, Inc. ( is an Internet application development, consulting, design and hosting firm providing solutions for a broad spectrum of markets and industries, as well as for state, federal and international entities. Expertise includes custom, back-end dynamic applications, consulting to achieve unique goals, geographic information systems (GIS), content management systems, hosting services including, map and GIS application hosting, as well as custom and dedicated hosting solutions.

SiteVision, Inc. participates in, or is available through, the following state and federal contracting vehicles:

  •  Virginia VITA CAI Supplier, Managed Staff Augmentation Services Contract (VA-051123-CAI)
  •  Virginia VITA Supplier, Hosting Services Contract
  •  Virginia eVa Procurement as a sub-contractor to various state and federal private contractor entities
  •  State and Federal Sole-source Contracting

The firm has its home office in Roanoke, VA, with sales offices in Charlottesville, VA and Miami, FL.


October 2014 News & Tips

Windows 7: October 31
Cut-Off Date

Win 7 LogoAs of October 31, 2014, Microsoft will no longer supply PC partners and system builders with copies of Windows 7 Home Basic, Home Premium and/or Ultimate to preinstall on new PCs.

Both consumer and business users may have concerns over the lifecycle cutoff date posted at Microsoft. Business users in particular have not embraced Windows 8 or iterations thereof for numerous reasons – all well publicized.

According to ZDNet’s overview, this means that OEM’s may continue to sell existing stocks of Windows 7, but may not replenish their supply. The deadline, however, does not apply to PCs preinstalled with Windows 7 Professional.

Microsoft will give a one-year warning before it demands that OEMs stop selling PCs with Windows 7 Professional. Under this rule, Microsoft will allow computer makers such as Lenovo, HP and Dell to continue selling PCs with Windows 7 Professional until at least February 2015. You can read more at ZDNet or at Microsoft.

iPhone 6 vs Galaxy Note 3iPhone 6 Plus vs. Samsung Galaxy Note 3?

So what’s it going to be? An iPhone 6 Plus or the Samsung Galaxy Note 3? For diehard Apple lovers, there’s probably no choice to be made.

But wait! Is the Galaxy a worthy competitor? Ah, perhaps.CNET’s Tim Stevens took the plunge. We won’t spoil it. It’s a quick day-to-day comparison, and you can find it here. If you simply want to compare specs, here’s a side-by-side.

ShellShock:  Millions of Computers at Risk

ShellShockYou’ve heard about HeartBleed. Now there’s ShellShock. And it’s a biggie! Shellshock is the name given to a pair of vulnerabilities in Bash, a shell program distributed on Linux, UNIX, OS X systems, and some Windows installations.

As the default shell for millions of systems the vulnerability means that an attacker could run commands on any machine using it with the potential to wreak havoc. According to Mashable, Shellshock has the potential to affect anyone visiting a website hosted on a vulnerable server. If the server has been compromised via Shellshock, it could deliver other malware. And unlike HeartBleed, ShellShock is easy to hack and code.

There have been numerous patches issued quickly. Bottom line? If you have at-risk servers, patch now! As a consumer, beware (See Trend Micro). You can read more as follows:
ZDNet, ShellShocker.Net, RedHat, Mashable

A Bendable Phablet
For Your Arm?

portal1Really? Yep, the “Portal” by Arubixs is being crowdfunded as a Smartphone you can wear. Part of you says wow, something I can actually use. It has a bendable screen! It’s waterproof. Shatterproof. Flexible.

So what’s not to love? Well, er, we guess it’s that it sort looks of like a medical device you wear on your arm, or some sort of weird digital cast that coaxes your broken wrist to the perfection it once was. At six inches, it’s a bit weighty, perhaps, and if you are a GQ man, can you really wear all that portal2coolness with one sleeve unbuttoned and dangling to accommodate your “Portal”?
But, seriously, maybe it’s an idea worth having. The specs are nothing to sneeze at, and the overall concept (albeit, one a bit more compact, perhaps) is something we’ve been hoping for. Check it out for yourself. The Arubixs website is here and the promotional video here.

NCDevCon 2014NCDevCon.  It’s A Wrap.

Our developers are back from the conference and looking forward to next year! The folks at DevCon have posted many of the slide and video presentations. So if you missed an important session check out the links at NCDevCon.

SiteVision’s Lead Technical Architect, Daria Norris, was a presenter, and her sessions (and others) may be found as follows:
Daria Norris – Better Living Through Version Control
Daria Norris – Simplify Your Workload But Not Your Delivery
All Currently Posted
Simplify Your Workload
Better Living Through Version Control

Why SiteVision?

We’re your advocate. SiteVision has been providing web development and hosting services to government agencies and non-profit organizations for over 20 years. We understand how overwhelming it can be to seek out a reliable solution for you website, custom application, and hosting needs.

At SiteVision we are passionate about creating solutions for customers that make their life better. We excel at understanding your business process and developing an application that is easy to learn and operate. We will always be fair, knowledgeable, honest, and professional.