How secure is your data center? In order to guarantee security, maintain uptime, and pass HIPAA and SSAE 16 Type II certifications, Green House Data has over sixty auditable security, environmental, and compliance control measures. Each compliant data center is audited once per year.
Some of these control points are standard practice, while others had to be added to daily routines in some facilities in order to gain compliance and bring them up to our strict standards. This list can help you get your data center up to speed – or see just how much effort goes into keeping server rooms monitored, secured, and fully auditable.
See all 61 points we check for security and auditability after the jump.
For the past decade, Power Usage Effectiveness has been the most common standard to measure data center energy efficiency. While PUE remains in the news with recent controversy over its inclusion in the latest ASHRAE standards, other energy efficiency metrics are starting to catch on – specifically server utilization.
We’ve covered PUE before on the blog, but basically it’s the ratio of overall power used to power used for strictly computing equipment. The closer to a 1.0 ratio, the more efficient the facility.
As the industry has matured, PUE has come under fire as being too simple, easy to manipulate, or failing to consider other environmental concerns. This led to the development of other data center energy efficiency and environmental impact measurements and benchmarks, for renewable use, reeuse of energy, and even water consumption.
With the average cost of data center outages hovering at $740,000 (according to a Ponemon / Emerson study from 2016), operators must take action to avoid the most common causes of downtime. Let’s take a quick dive into the leading origins of unplanned downtime and how you can avoid them in your data center.
Edge data centers have a lot of buzz these days as a way to deliver services outside of core markets. But do actual data center operators have any interest in edge facilities? And what exactly is an edge data center, anyway?
Green House Data surveyed 492 IT professionals, with 38% being Executive level. The results indicate a mild interest in edge data centers, but mostly for future deployments. 18% currently use an edge data center, with 46% planning to add an edge facility within the next 12 months. 54%, meanwhile, do not plan to add an edge data center.
Read on to see the full survey results.
Can you believe we’re already over a quarter of the way through 2016? Feels like we were just posting our 2015 blog wrap up yesterday. But here we are—the data center world keeps spinning. In case you missed something in the past three and a half months, we’ve collected our top blog posts and some of the most popular data center news headlines from around the blogosphere in today’s post.
As data center design continues to evolve, one stalwart piece hasn’t changed too much: cabinet or rack security and monitoring. After all, how complicated can a door lock get? While most every data center will have some form of lock on their racks and/or cabinets, especially colocation facilities as they have multiple clients accessing shared floor space, not all locks are created equal. Newer technologies allow automated access logs, biometric security, wireless unlocking, and more.
With different compliance standards and security requirements for various applications, some colocation providers will install custom locks for your cabinet if necessary. Physical security measures remain vitally important, as social engineering and theft can extend to hardware and not just data. How then do data center providers go about securing cabinets and racks?
Distributed Denial of Service attacks are nothing new, but they’re becoming more and more common, from politically motivated attacks on financial and government institutions to recent attacks on data centers like Digital Ocean. DDoS attacks are when hackers use hijacked computers to flood servers with incoming requests and essentially shut down services by clogging network traffic or sending mass quantities of junk data. They are increasingly difficult to defend against as they grow in scale, and because they are distributed among various infected machines, it can be difficult to block traffic based on IP address.
Public institutions, financial industries, eCommerce sites, and hosting providers are among the most popular targets, but anyone can be a victim—and if your IT infrastructure is hosted in a data center, you need that facility to provide strong DDoS mitigation to avoid service interruptions of your own.
Read on to learn common DDoS attack methods and mitigation strategies.
In the IT world, if it isn’t logged or documented, it might as well never have happened. Without properly keeping track of change management, even for routine processes, it can be impossible to discover why a system stopped working, or worse. Technicians might be stuck halfway through a switch upgrade, unable to retrace their steps when they realize the equipment install won’t work. Or an entire organization could be held accountable under the law because they failed in their compliance.
IT documentation, in other words, is an essential if occasionally painstaking piece of data center operations. At Green House Data, we document everything we possibly can. Outside of support or internal emergency responses, which are always tracked in a ticket, planned changes must undergo a five-step process in order to keep track and learn from the change.
Airflow containment refers to the practice of segregating the aisles of a data center so the hot exhaust air from servers does not mix with incoming cold air, while also more efficiently directing airflow into or out of the data center floor. According to the Uptime Institute’s 2014 Data Center Industry Survey, only 30% of operators have at least ¾ of their data center using some form of containment. Less than half of all survey respondents had at least 50% of their data center heat contained.
That leaves a lot of white space without any form of containment, which is one of the best ways to improve energy efficiency and translates into a more reliable environment as well as direct cost savings.
Things have improved since a few years ago, to be sure. But airflow containment remains a significant upfront investment that data center operations teams might not consider, especially at smaller providers or in-house facilities. However it can show a real ROI.
OK, so data centers don’t use Duracell batteries (ours are much, much heavier, more expensive, and specialized). I just couldn’t resist the Matrix reference.
And what data center operator does have time for downtime? Nobody, with average costs per minute hovering at nearly $8,000. This same 2013 study from Ponemon discovered that 55% of data center outages were caused by—you guessed it—UPS battery failure.
Data center UPS (uninterruptible power supply) systems are supported by dozens of bricklike batteries, and if even one of them has a bad cell, it can take down the whole system. Even a brief hiccup in power can then lead to downtime for the entire data center. Despite all this, only 48% of surveyed operators regularly tested or monitored their UPS battery health.
What types of batteries are used in the data center? How can operators keep batteries in good shape?