Confidentiality, integrity, and availability. These are the three pillars of data center security, from chips to servers to networks. You need to be sure that no unauthorized party will have access to your IT. You need protection against accidents and incidents that could cause the corruption or loss of your information and cyber resources. Yet you must also be certain that your systems will remain available for authorized users, maintenance, and upgrades.
So, why should you prefer a colocation data center to an enterprise data center for your security?
Physical and virtual
First, let’s set the scene for data center security. We can divide it into two domains, the physical and the virtual. By virtual security we mean areas and tools like user ID and access management (IAM) for applications, data encryption, zero trust security policies, and security information and event management (SIEM) and user and entity behavior analytics (UEBA) solutions. These items are independent of location. Whether you choose to implement them for systems that are on your site or in a colocation data center, they will have the same effectiveness.
The real differences between enterprise and colocation data centers are in the robustness of the physical security and the compliance with internationally recognized security directives. Colocation service providers like eStruxture know how vitally important it is to provide the best physical security possible. They have the resources, skills, and experience to ensure continuing protection and compliance that many individual enterprises need, but that few can do by themselves.
From strategy to action
Like other business challenges, physical data center security is not guaranteed simply by writing a big check. It needs to be thought through, end-to-end, for maximum effectiveness. Our security strategy is to deter, prevent, and detect any incident that could compromise the key goals of confidentiality, integrity, and availability.
- Deterrence. We discourage attackers before they even start. When they see how hard it is to penetrate an eStruxture Data Center, they give up and look for other targets.
- Prevention. The breadth and depth of our security systems with multiple, interconnected layers shield our colocation data centers from incidents and accidents.
- Detection. If any actual or suspected intrusion occurs, we know via our security systems and move directly to isolate it and counteract it.
The list of security devices and measures to put this strategy into action in eStruxture Data Centers is impressive:
- CCTV/video surveillance on all areas of the site including critical equipment areas and white spaces with 90-day footage retention
- 24x7x365 onsite security staff with site patrols and alarm response
- Mantraps and secure loading docks
- Vehicular impact protection and access-control
- Anti-climb fence around the external perimeter
- Robust external walls to prevent casual break-ins
- Elevator access restrictions
- Motion detectors
- Alarms on doors
- Multi-factor authentication into secure zones
- Access badge readers
- Biometric scanners
- Keypad/PIN Code
Only a few enterprise data centers achieve such a level of physical security. But eStruxture goes further still.
Processes and compliance
Successful data center security depends on high quality security processes and controls. These are proven checks and sequences of steps that are applied systematically to achieve consistently effective levels of security.
eStruxture has standardized on more than 60 operational controls in its process-driven approach to protecting the machines that you run in its colocation data centers. These controls enable robust governance of security, operations, risk management, personnel, and IT best practices. We undergo annual review by a third party auditor to maintain alignment with our requirements and your needs as our customer.
Good colocation service providers like eStruxture also satisfy a range of rigorous compliance and security protocols, including:
- SOC 2 Type II according to the latest SSAE18 auditing standards with auditing done by an accredited third party entity. The Service Organization Controls 2 (SOC 2) certification is based on trust services criteria for controls relating to confidentiality, integrity, availability, and privacy of systems.
- Payment Card Industry (PCI) DSS requirements 9 and 12 for locations for storing or processing payment card data. These high-security areas (HSA), for example a server room, have their own access routes and CCTV cameras to monitor activity.
- ISO/IEC 27001:2013 for validated information security management systems (ISMS). To comply with this standard, an entity must methodically apply a risk management process for security relating to people, processes, and IT systems.
Availability is also key
Taken to extremes, the tightest security would not just keep bad actors out. It would keep everybody out. Even bona fide users would be unable to do their jobs and for organizations to be productive. The same is true of data centers without robust protection against power failures, network outages, and natural and environmental hazards.
Well-designed physical security considers all these aspects. It helps users and their organizations to achieve the highest levels of resilience possible, while safeguarding a good user experience. eStruxture colocation data centers achieve up to Tier III availability with official certification (MTL-3 and CAL-1 facilities). This level means 99.982% availability with the ability for such a data center to remain under critical load while carrying out maintenance operations on power and cooling systems. In other words, your systems remain protected and accessible, letting you stay secure while you get on with your business.
For all the reasons above, enterprise data centers are unlikely to achieve the levels of physical security offered by a colocation service provider like eStruxture. A colocation data center has the advantage over individual enterprise data centers because it can attract skilled security personnel, implement and keep up with the latest security technology, and mutualize these resources for the greater good of all customers using the colocation data center.
As a leading provider of colocation data center solutions across Canada, eStruxture delivers best-in-class physical security to safeguard your infrastructure for confidentiality, integrity, and availability.
Want to find out more about how eStruxture can help you achieve the data center security, space, power, and cooling that you need? Contact us now for a free-of-charge discussion.