Data Center Frontier’s Voices of the Industry are educational and thought leadership articles from leading innovators in the data center industry. This week, Shahid Javed from RagingWire explores key data center security and compliance issues every CXO needs to consider in today’s rapidly evolving data center market.
Today’s forward-thinking CIOs have security and compliance top of mind as they select a reliable and highly available colocation data center. Ensuring complete compliance with regulatory requirements and standards grows more challenging every day.
In this age of rapidly advancing trends such as the Internet of Things (IoT), Big Data, cloud computing, and even wearables, businesses have increasingly complex and unpredictable requirements for data security, reliability and availability. According to research firm IDC, the global IoT market will grow to $1.7 trillion in 2020 and the need for data center capacity will grow by 750% over the next four years as more devices come online. IDC is also predicting that the digital universe is doubling every two years.
Multi-tenant data center (MTDC) providers are investing hundreds of thousands of dollars to satisfy their clients by meeting complex and rigorous compliance standards for infrastructure security, storage, and network connectivity. As new regulations and requirements are introduced, data centers are required to adhere to data compliance laws throughout the life of the client’s data in the facility.
So, how can you get a grip on what’s going on in the world of compliance and data centers? For starters, here’s a rundown of 5 essential items to make sure your mission-critical IT computing infrastructure is secure and safe in a data center facility.
- Understand your operational regulatory environment. Have a clear-cut understanding of the scope of the data center services and who is responsible for what. One or more regulatory standards may apply to your business. Make sure your expectations are spelled out in your contracts or SLAs.
- You need to own the security of your data. Data center providers can support only certain pieces such as physical security, environmental controls, ISP or networking connectivity. Logical security, such as encryption and data protection, is primarily the responsibility of the data center buyer. Make sure your infrastructure design considerations include the data center or cloud environment.
- Use a safe and reliable network. A carrier-neutral facility with redundant fiber connectivity that can support your ISP or networking needs is highly recommended. Make sure the data center has the ability to interconnect easily with other locations and also offers a full range of flexible and scalable network connectivity options for your business needs.
- Understand the data center’s administrative policies and procedures. Most data centers already have physical safeguards such as a perimeter fence, barriers, building design, man-traps, badging and biometric identity management, visitor logs, and tracking systems. It is important to understand the data center’s administrative policies with respect to personnel screening, security awareness, risk assessment, information access management, breach notification, incident response, escalation and monitoring programs.
- Beware of false certifications and logos. Oh yes, there are certainly several false claims and advertisements out there. For example, a data center may be HIPAA compliant, but there is no such thing as a HIPAA-certified data center. The Health Information Trust Alliance (HITRUST) certification takes some of the HIPAA rules, but it is not the same as HIPAA. Make sure the data center audit reports and assessments are performed by credible sources.
Data center providers can support only certain pieces of the data compliance laws. Understand how the data center provider has adhered to the compliance requirements, as some implementations may belong to you. At RagingWire, our data center infrastructure is audited regularly for appropriate physical and logical controls. We have companywide training for our employees and contractors.
Shahid Javed is the Colocation Programs Marketing Manager at RagingWire. He is responsible for all the outbound marketing associated with RagingWire’s colocation services portfolio. To learn more about data center compliance, watch this webinar on “HIPAA Compliance and Data Centers: what it’s worth and how do you get there?”