Data Center FAQ: Chicago, IL, US

Q: Which laws and standards does the data center adhere to?

A: ISO 27001, SOC2/SSAE 16, and Payment Card Industry (PCI).

Q: Does the data center have a formal information security charter, policies, standards, and/or guidelines?

A: Yes, and it is approved by senior management, communicated to employees, reviewed periodically, published in a central repository, and aligned with industry standards such as ISO 27001/2, NIST, ITIL, and COBIT.

Q: What types of measures are taken to ensure a secure, trusted workforce?

A: Background checks are conducted on all employees, consultants, temporary workers, and external providers. Employees are also required to sign non-disclosure agreements, roles and responsibilities are all defined, and we provide ongoing information security and privacy awareness education for all new and existing employees. Disciplinary/termination processes and procedures also exist.

Q: Is the data center capable of quickly applying software patches for new security vulnerabilities?

A: Yes, the data center maintains a formal patching strategy with supported vendors and updates patches regularly, both for emergency and critical releases.

Q: Are information security standards such as CIS, NIST, and/or DoD STIG used to harden every component of your IT infrastructure (operating systems, servers, firewalls, routers, hypervisors, etc.)?

A: No.

Q: Are formal policies and procedures in place for provisioning/terminating data center employee user accounts, role-based access, password strength, and user access/permissions?

A: Yes.

Q: Is regular internal and external penetration testing and vulnerability scanning conducted on all external/internal applications?

A: Yes.

Q: Does the data center use industry standards like ISO, OWASP, NIST, CMMI, and/or BSIMM to build security into your Systems/Software Development Lifecycle (SDLC)?

A: Not formally, though it does utilize practices/techniques from many of these standards.

Q: Does the data center have formal Disaster Recovery and Business Continuity plans that are regularly reviewed and tested?

A: Yes.

Q: Are physical security perimeters around the data center's facilities (fences, walls, barriers, guards, gates, electronic surveillance, physical authentication mechanisms, reception desks, and security patrols) implemented?

A: Yes, including barriers, a security desk, cameras, and biometric scanning.

Q: Are physical protections against damage from natural causes, disasters, and deliberate attacks anticipated and designed for, with countermeasures applied such as fire detection/protection systems, UPS, backup generators, etc.?

A: Yes, all facilities are Tier 3 rated and designed to withstand such failures.

