Data Centre Security. Presented by: M. Javed Wadood Managing Director (MEA)
|
|
- Dora Stephens
- 5 years ago
- Views:
Transcription
1 Data Centre Security Presented by: M. Javed Wadood Managing Director (MEA)
2 EPI history and global locations UK origin, 1987 Singapore office, EPI offices worldwide Global partner network spanning 60+ countries, 130+ cities
3 EPI is a Data Centre Expert company design evaluation and validation audits and certification professional training EPI offers and extensive range of expert data centre services We do evaluation and validation of data centre plans to make sure they are designed to meet the business requirements or industry standards We do data centre audits and certifications to the standards in the industry We design and write data centre training programs from our hands-on experience
4 Bringing Cyber Security to Data Centre Some of Our Customers They trust us, So can you!
5 Agenda The data centre Data centre standards addressing security Security set-up at the physical level Controls for securing the perimeter Controls for the facility Why security fails Process controls Monitor, review and improve Audit and control Training
6 What is a data centre According to Gartner: the data centre is the department in an enterprise that houses and maintains back-end information technology (IT) systems and data stores, its mainframes, servers and databases. The data centre is supported by a physical facility and a utility infrastructure such as power, cooling, water, physical network infrastructure, fire suppression systems, etc.
7 Data centre supporting areas Common supporting areas: Network Operations Center (NOC) Security room UPS (Uninterruptable Power Supply) room Battery room Gen Set area Staging area Holding area
8 Data centre standards Standards and guidelines supporting data centre s in implementing information security, with emphasis on physical security and access controls: ANSI/TIA-942 Specifies physical controls depending on Rated/Rating level required DCOS 2016 Specifies operational controls required for certification Maturity level based
9 Perimeter controls Fence / wall / moat Visible intrusion detection systems Visible signs Guard house Boom barrier Security guards Security dogs
10 Perimeter control CCTV cameras CCTV (Closed-Circuit Television) cameras installation to monitor the following: All entrances into and exits of the premises All entrances and exits of restricted facility areas Areas immediately surrounding the perimeter of the premises. Perimeter fences and/or walls of the premises Areas between perimeter fence and/or wall and buildings within the premises. Areas supporting the facility that may fall outside the perimeter.
11 Facility controls Cages Mantraps CCTV Cameras Door control Key lock Electronic lock Card reader Security code Biometrics Equipment control Computer racks Power Distribution Unit (PDU) Computer Room Air-Conditioner (CRAC)
12 Why security fails Possible causes of why security fails in data centres: Human error Lack of process environment. Lack of training Low awareness level Budget limitations
13 Process controls security patrol Security guards need to be appropriately dressed Should have tools / equipment which is in good working conditions such to be inspected before going on patrol: Radio (Walky-Talky) Proper channel setting Charged battery Torch light with full battery Arms (where allowed and required)
14 Process controls security patrol The facility should be inspected on a periodic basis, covering the following: All entrances and exits from the perimeter Areas immediately surrounding the perimeter of the premises. Perimeter fences and or wall of the premises Any used and unused side entrance of buildings All restricted areas outside and inside the building Areas supporting the facility that may fall outside the perimeter (where applicable and feasible). Lifts / Emergency paths
15 Process controls security patrol Patrol scheduling: Round the clock Different routes Different start times Focus more on the night patrol Use call home / heart beat principal Activate response procedure upon detection of a security breach. Follow pre-defined checklists
16 Process controls security patrol Checklist should include door number, location and items to be inspected: Time stamp and signature at every checkpoint Electronic clocking devices Camera in working condition Verify with security command room Physical testing of doors Door open test Taking photographs of any suspicious matters Inspection of equipment such as fire panel, water leak panel, cooling systems etc.
17 Process controls holding area Delivery and loading areas should be controlled and isolated from information processing facilities to avoid unauthorized access. The holding area should be designed like a buffer zone, allowing delivery staff to unload materials without gaining access to other areas of the building. During opening hours, the holding area should be manned with a security guard overseeing all activities. The holding area is supervised on a 24x7 basis, having CCTV cameras installed covering all angles of the area.
18 Process controls holding area The external door should be secured/closed when the internal door is open Incoming items should be accounted for Incoming items should be inspected for potential hazards before movement into the building Incoming items should be inspected for eaves dropping devices Incoming items should be registered
19 Process controls vehicle control All vehicles which are allowed inside the perimeter need to be pre-registered depending on the individual: Staff Vendor / contractor Public transport / visitors / customers Vehicle registration should include at the minimum: Owner and driver name Type of vehicle Make and model Color Registration / license plate Any special marks
20 Process controls vehicle control Security personnel need to verify registered details before allowing entry inside the perimeter. All compartments of the vehicle must be opened. Scan under the vehicle For highly secure facilities additional equipment might be utilized such as explosive sniffers, metal detectors etc.
21 Process controls individual control Physical access control is based on two principals Personnel categories Security zones Personnel categories Internal staff External staff (same organization) Vendors / contractors Visitors Customers
22 Process controls individual control To control physical security in the data centre, different security zones may exist: Common (public) facility Areas/rooms used by all personnel and not subject to any internal security restrictions. Restricted areas Areas/rooms housing key equipment such as UPS systems, airconditioners and batteries. Highly secure area Areas such as the computer and media storage room
23 Process controls individual control All individuals should be authenticated / authorized on accessing the perimeter. All non-staff individuals should sign in and present a valid identification document. Security personnel performs countercheck Inspection of incoming items if applicable If clearance is given, a badge should be assigned (if applicable) based on the category of the visitor. Visitors to be escorted to designated supervised waiting area to be collected by internal staff.
24 Process controls individual control Internal staff verifies presence of badge and worn visibly by the visitor. Contractors on site for a predetermined period of time are restricted to only areas/rooms designated to accomplish authorized tasks. External staff working in restricted areas should be physically supervised. Inspection of incoming/outgoing items A log is maintained for all restricted areas A key management system is maintained for all restricted facility areas.
25 Process controls general rules It is recommended to impose restrictions for secure areas: Prohibition of smoking Prohibition of foods and drinks Conditions for the use of devices generating radio frequency, such as wireless devices and mobile phones, near sensitive equipment/copper network cabling Conditions for the use of storage and photo taking devices, such as cameras (including mobile phones), PDAs (Personal Digital Assistant), USB drives and other similar devices.
26 Monitor, review and improve Security policies and measures need continuous monitoring, review and improvement. Security incidents need to be reviewed and immediate action needs to be taken to ensure that in the future no similar incidents will occur. At least once a year a full review is required
27 Monitor, review and improve A security incident response process should exist to address security breaches and potential weaknesses: Detection of security incidents Reporting and logging of security incidents Logging the response and the corrective/preventive action taken. Periodic evaluation of all information security incidents Improvements to further reinforce the security infrastructure.
28 Monitor, review and improve Information that can be recorded during security incident response: Date and time of event By whom reported Location where the incident occurred Sensitivity level Affected areas Detailed description of the event Corrective action taken Details of loss, damage or destruction
29 Audit and control Audit and review needs to take place on a regular basis: Internal audits Readiness approach Maintenance of management system External audits Mandatory compliance with regulations and standards Voluntary conformance with standards
30 ANSI/TIA DCOS ANSI/TIA-942 Focus on design (validation) and build (certification) Covers all facility related matters of the data center Telecommunication Electrical Architectural Mechanical (includes; security, safety, fire suppression etc.) DCOS (Data Centre Operations Standard) Focus on operations (certification) Progressive standard covering 11 disciplines (security management included) Maturity level based
31 Audit Type of audit Certification (1 st year) Surveillance (2 nd and 3 rd year) Re-certification (4 th year) Potential audit results Conform (ANSI/TIA-942) / Maturity level (DCOS) AOI (Area Of Improvement) (ANSI/TIA-942) CAT 2 ( Category 2) (ANSI/TIA-942) CAT 1 (Category 1) (ANSI/TIA-942)
32 Training Continuous training of staff is recommended to maintain the corporate information security baseline EPI courses which amongst other topics addresses all layers of security: CDCP (Certified Data Centre Professional) CDCS (Certified Data Centre Specialist) CDFOM (Certified Data Centre Facilities Operations Manager) CITP (Certified Information Technology Professional) CITS (Certified Information Technology Specialist) CITE (Certified Information Technology Expert)
33 Questions?
34 M. Javed Wadood
Physical and Environmental Security Standards
Physical and Environmental Security Standards Table of Contents 1. SECURE AREAS... 2 1.1 PHYSICAL SECURITY PERIMETER... 2 1.2 PHYSICAL ENTRY CONTROLS... 3 1.3 SECURING OFFICES, ROOMS AND FACILITIES...
More informationPhysical and Environmental Security Policy Document Number: OIL-IS-POL-PES
Physical and Environmental Security Policy Document Number: OIL-IS-POL-PES Document Details Title Description Version 1.0 Author Classification Physical and Environmental Security Policy Physical and Environmental
More informationCenteris Data Centers - Security Procedure. Revision Date: 2/28/2018 Effective Date: 2/28/2018. Site Information
Section 01 Document Information Creation Date: 12/1/2016 Centeris Data Centers - Security Procedure Revision Date: 2/28/2018 Effective Date: 2/28/2018 Section 02 Site Information Site Information Document
More informationHIPAA Security. 3 Security Standards: Physical Safeguards. Security Topics
HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical
More informationData Center Access Policies and Procedures
Data Center Access Policies and Procedures Version 2.0 Tuesday, April 6, 2010 1 Table of Contents UITS Data Center Access Policies and Procedures!3 Introduction!3. Overview!3 Data Center Access!3 Data
More informationCommunications Room Policy
Information Security Policies Communications Room Policy Author : David Rowbotham Date : 01/07/2014 Version : 1.1 Status : Initial Release MAG Information Security IT Policies Page: 1 1 Table of contents
More information: Course CDFOM : Certified Data Centre Facilities Operations Manager
Module Title Duration : Course CDFOM : Certified Data Centre Facilities Operations Manager : 3 days Course Description Managing the facilities of today s hi-end and hi-availability data centres is an extremely
More informationInfrastructure Security Overview
White Paper Infrastructure Security Overview Cisco IronPort Cloud Email Security combines best-of-breed technologies to provide the most scalable and sophisticated email protection available today. Based
More informationHosted Testing and Grading
Hosted Testing and Grading Technical White Paper July 2010 www.lexmark.com Lexmark and Lexmark with diamond design are trademarks of Lexmark International, Inc., registered in the United States and/or
More informationSelect Agents and Toxins Security Plan Template
Select Agents and Toxins Security Plan Template 7 CFR Part 331.11, 9 CFR Part 121.11, 42 CFR Part 73.11 Prepared by U.S. Department of Health and Human Services (HHS) Centers for Disease Control and Prevention
More informationPoP ROOM: INSIDE AND OUTSIDE PLANT RULES & REGULATIONS
PoP ROOM: INSIDE AND OUTSIDE PLANT RULES & REGULATIONS Version 14 November 19, 2014 Digital Realty Table of Contents INTRODUCTION... 3 ACCESS TO THE POP ROOMS, ISP & OSP... 3 PoP- MoP Forms... 3 Who must
More informationData Centers and Mission Critical Facilities Access and Physical Security Procedures
Planning & Facilities Data Centers and Mission Critical Facilities Access and Physical Security Procedures Attachment B (Referenced in UW Information Technology Data Centers and Mission Critical Facilities
More informationIXcellerate Moscow One Datacentre - Phase 1 & 2 Overview
Contents 1. Document Purpose... 2 2. Facility Overview... 2 2.1 Technical Space... 2 2.2 Load Density... 2 2.3 Resilience... 2 2.4 Engineering Plant Maintenance & Service Restoration... 3 3. Engineering
More informationInformation Services IT Security Policies L. Network Management
Information Services IT Security Policies L. Network Management Version 1.1 Last updated: 11th August 2010 Approved by Directorate: 2nd July 2009 Review date: 1st August 2011 Primary owner of security
More informationStandard CIP-006-4c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-4c 3. Purpose: Standard CIP-006-4c is intended to ensure the implementation of a physical security
More informationWHITE PAPER. Solutions OnDemand Hosting Overview
WHITE PAPER SAS Title Solutions OnDemand Hosting Overview ii Contents Overview... 1 Cary 1 (US) Facility Specifications...2 Cary 2 (US) Facility Specifications (SAS New Cloud Computing Center)...3 Charlotte
More informationDude Solutions Business Continuity Overview
Dude Solutions Business Continuity Overview Table of Contents Overview.... 2 Primary and Disaster Recovery Data Centers.... 2 Network Infrastructure.... 3 Emergency Processes.... 3 Power and Cooling Systems....
More informationIN A FAST MOVING WORLD YOU CAN RELY ON AC2000; A POWERFUL ACCESS CONTROL AND SECURITY MANAGEMENT SYSTEM AC2000
IN A FAST MOVING WORLD YOU CAN RELY ON ; A POWERFUL ACCESS CONTROL AND SECURITY MANAGEMENT SYSTEM WHAT CAN OFFER YOU? CEM MANUFACTURES BOTH THE HARDWARE AND SOFTWARE, OFFERING ONE OF THE MOST COMPREHENSIVE,
More informationFACILITY USER GUIDE. Colocation in Key Info s Agoura Court Data Center
FACILITY USER GUIDE Colocation in Key Info s Agoura Court Data Center Page 1 of 11 Key Info Facilities User Guide v2.4 Table of Contents Welcome... 3 GETTING STARTED... 4 Colocation Access... 4 Proof of
More informationStandard CIP Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security program
More informationEXHIBIT A. - HIPAA Security Assessment Template -
Department/Unit: Date: Person(s) Conducting Assessment: Title: 1. Administrative Safeguards: The HIPAA Security Rule defines administrative safeguards as, administrative actions, and policies and procedures,
More informationChemical Facility Anti-Terrorism Standards. T. Ted Cromwell Sr. Director, Security and
Chemical Facility Anti-Terrorism Standards T. Ted Cromwell Sr. Director, Security and NJ ELG Operations Meeting Today s Presentation ACC Action Major Rule Components Select Risk-Based Performance Standards
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationStandard CIP-006-3c Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3c 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security
More informationPhysical Security Standard
Physical Security Standard Version: 1.6 Document ID: 3545 Copyright Notice Copyright 2018, ehealth Ontario All rights reserved No part of this document may be reproduced in any form, including photocopying
More informationTimico Data Centres: Access Policy
Timico Data Centres: Access Policy Timico Ltd 2012 Page: 1 of 6 1 Contents 1 Contents... 2 2 Version control... 2 3 Overview... 3 4 Introduction... 3 5 Rules of conduct... 3 6 Access request procedure...
More informationData Center. Tai Po Data Center
Data Center Tai Po Data Center TAI PO DATA CENTER Nexcenter The Global Data Center Vision NTT Communications offers data center services at hundreds of locations worldwide under the brand name Nexcenter.
More informationCourse Description. Audience. Prerequisites. : Course CTDC : Certified TIA-942 Design Consultant. Course Outline :: CTDC ::
Module Title Duration : Course CTDC : Certified TIA-942 Design Consultant : 3 days Course Description Data centres are at the core of many organisations. Downtime of the data centre could lead to major
More informationn+2 DATA CENTER CONTROL POLICY
This Data Center Control Policy (the Control Policy ) forms a part of the Master Services Agreement between n+2 LLC ( n+2 ) and Client (the Agreement ), in which this Control Policy is incorporated by
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationpeace of mind kit FAQ s Q: Is AccuPay bonded?
peace of mind kit At AccuPay, we take the trust you have placed in us very seriously. We understand that you depend on us to produce accurate payrolls as well as accurate tax returns and payments. With
More informationENABLING DATA-DRIVEN PHILIPPINE ENTERPRISES VITRO DATA CENTER MAKATI A NEXCENTER-CERTIFIED FACILITY
ENABLING DATA-DRIVEN PHILIPPINE ENTERPRISES VITRO DATA CENTER MAKATI A NEXCENTER-CERTIFIED FACILITY TOTAL BUILDING AREA: TOTAL FLOOR AREA OF SERVER FARMS: RAISED FLOOR HEIGHT: 18,700SQM 6,800SQM 900MM
More information2.4. Target Audience This document is intended to be read by technical staff involved in the procurement of externally hosted solutions for Diageo.
Diageo Third Party Hosting Standard 1. Purpose This document is for technical staff involved in the provision of externally hosted solutions for Diageo. This document defines the requirements that third
More informationNational Museums & Galleries of Wales Standard Facilities Report
NAME OF BORROWING INSTITUTION: National Museums & Galleries of Wales Standard Facilities Report [A] BUILDING (a) General information 1 Are your premises purpose-built galleries / museums / other? 2 If
More informationData Security at Smart Assessor
Data Security at Smart Assessor Page 1 Contents Data Security...3 Hardware...3 Software...4 Data Backups...4 Personnel...5 Web Application Security...5 Encryption of web application traffic...5 User authentication...5
More informationWhat can the OnBase Cloud do for you? lbmctech.com
What can the OnBase Cloud do for you? lbmctech.com The OnBase Cloud by Hyland When it comes to cloud deployments, experience matters. With experience comes more functionality, long tracks of outstanding
More informationTB+ 1.5 Billion+ The OnBase Cloud by Hyland 600,000,000+ content stored. pages stored
the onbase cloud ONBASE CLOUD // Experience Matters The OnBase Cloud by Hyland When it comes to cloud deployments, experience matters. With experience comes more functionality, an established history of
More informationTwin Core Data Center Munich
Twin Core Data Center Munich T-Systems Data Center Munich Sister Site, Back Up Location/Twin Core DC ALL (Allach) 1st Route: 13km DWDM System 2nd Route: 27km DC EIP (Euro Industrie Park) Point to Point
More informationAirport Security & Safety Thales, Your Trusted Hub Partner
Airport Security & Safety Thales, Your Trusted Hub Partner www.thalesgroup.com/shield Securing People Ensuring Business Continuity Protecting Assets Thales Credentials Thales is a leading international
More informationPrivacy Policy 1.0 OUR CORE BELIEFS REGARDING USER PRIVACY AND DATA PROTECTION
Privacy Policy 1.0 OUR CORE BELIEFS REGARDING USER PRIVACY AND DATA PROTECTION User privacy and data protection are human rights We have a duty of care to the people within our data. Data is a liability,
More informationEngineering and Manufacturing Excellence in Data Centre Infrastructure
Engineering and Manufacturing Excellence in Data Centre Infrastructure Since 1982 Australia s Largest PDU Manufacturer NetSense DCIM Software Intelligent Power PDU s SafetyNet Series 5 CREMS E-Rack 19
More informationDATA CENTRE & COLOCATION
DATA CENTRE & COLOCATION RISING DEMAND FOR HOSTED SERVICES When it comes to hosted IT infrastructure, organisations are looking for highly resilient, highly available and highly scalable facilities at
More informationWorkbench Software Customer Portal Security. By Workbench Software, LLC. Creation Date: January 2011 Last Updated: May 2011 Version: 2.
Workbench Software Customer Portal Security By Workbench Software, LLC Creation Date: January 2011 Last Updated: May 2011 Version: 2.0 Page ii Contents Workbench Software Security 3 Overview 3 Workbench
More informationIt's hosting, safe and secure.
It's hosting, safe and secure. Optus EXPAN NEXTDC provides colocated hosting services for your IT equipment in secure Tier 3 data centre facilities in most capital cities around Australia.. It's world-class
More informationDazelidis Thanos - Product Manager Rittal Greece 1
Dazelidis Thanos - Product Manager Rittal Greece 1 Facility Location Lefdal Mine is located in the region Sogn og Fjordane between Måløy and Nordfjordeid. It is situated next to a deep, cold fjord with
More informationRFP Annex A Terms of Reference UNHCR HQ Data Centre Colocation Service
RFP 2017 845 Annex A Terms of Reference UNHCR HQ Data Centre Colocation Service Version 1 Contents Project objectives... 1 Background... 1 Scope... 1 Timeframe and Cost... 4 Stakeholders, roles and responsibilities...
More informationAutomate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds
EXECUTIVE BRIEF SHAREBASE BY HYLAND Automate sharing. Empower users. Retain control. With ShareBase by Hyland, empower users with enterprise file sync and share (EFSS) technology and retain control over
More informationUlster University Policy Cover Sheet
Ulster University Policy Cover Sheet Document Title DATA CENTRE ACCESS POLICY 3.2 Custodian Approving Committee Data Centre & Operations Manager ISD Committee Policy approved date 2017 09 08 Policy effective
More informationFighting Hunger Worldwide. WFP Field Security Keeping you safe & secure
Fighting Hunger Worldwide WFP Field Security Keeping you safe & secure April 2016 Safety and security: a top priority In the field, our security risk management personnel provide specific knowledge of
More informationFacility Security Policy
1. PURPOSE 1.1 The New Brunswick Institute for Research, Data and Training (NB-IRDT) is located in the University of New Brunswick. It consists of: (i) employee offices in Singer Hall and Keirstead Hall,
More informationSecurity Guideline for the Electricity Sub-sector: Physical Security Response
Security Guideline for the Electricity Sub-sector: Physical Security Response Preamble: This guideline addresses potential risks that can apply to some electricity sub-sector organizations and provides
More informationSECTION 15 KEY AND ACCESS CONTROLS
15.1 Definitions A. The definitions in this section shall apply to all sections of the part unless otherwise noted. B. Definitions: Access Badge / Card a credential used to gain entry to an area having
More informationAwareness Technologies Systems Security. PHONE: (888)
Awareness Technologies Systems Security Physical Facility Specifications At Awareness Technologies, the security of our customers data is paramount. The following information from our provider Amazon Web
More informationENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE
ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our
More informationASSURING BUSINESS CONTINUITY THROUGH CONTROLLED DATA CENTER
ASSURING BUSINESS CONTINUITY THROUGH CONTROLLED DATA CENTER IT Audit, Information Security & Risk Insight Africa 2014 Johnson Falana CISA,MIT,CEH,Cobit5 proverb814@yahoo.com Overview Information technology
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationRFP Questions Guideline For Data Center Buyers
RFP Questions Guideline For Data Center Buyers Rev: 00W0052015 1 P a g e This guideline document is a supporting download for our webinar titled 5 RFP Questions Data Center Buyers Must Ask a Provider and
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Physical Enterprise Physical Enterprise Monitoring is the monitoring of the physical and environmental controls that
More informationStandard: Data Center Security
Standard: Data Center Security Page 1 Executive Summary The university data centers provide for the reliable operation of SJSU s computing systems, computing infrastructure, and communication systems.
More informationWelcome to a world where technology flows through the heart of your business environment. Welcome to CDC
Welcome to a world where technology flows through the heart of your business environment Welcome to CDC Overview 4 Urban Campus 5 Intelligent Campus Management Solution 6 Key Features 7 Integra Management
More informationFact sheet VIENNA DATA CENTRE CAMPUS. Connect, transact and grow
Fact sheet VIENNA DATA CENTRE CAMPUS Connect, transact and grow WELCOME TO VIENNA Vienna is one of Europe s best connected cities, and is home to VIX, Austria s largest Internet exchange. In the North
More informationSan Francisco Chapter. What an auditor needs to know
What an auditor needs to know Course Objectives Understand what a data center looks and feels like Know what to look for in a data center and what questions to ask Deepening understanding of controls that
More informationRÉPUBLIQUE D HAÏTI Liberté Egalité - Fraternité
RÉPUBLIQUE D HAÏTI Liberté Egalité - Fraternité HAITI PORT SECURITY AND SAFETY: A SUCCESSFUL EXPERIENCE SCOPE OF THE PRESENTATION I- INTRODUCTION: IMPORTANCE OF MARITIME TRADE II- STATE OF GLOBAL PORT
More informationDooblo SurveyToGo: Security Overview
Dooblo SurveyToGo: Security Overview November, 2013 Written by: Dooblo Page 1 of 11 1 Table of Contents 1 INTRODUCTION... 3 1.1 OVERVIEW... 3 1.2 PURPOSE... 3 2 PHYSICAL DATA CENTER SECURITY... 4 2.1 OVERVIEW...
More informationLive Webinar: Best Practices in Substation Security November 17, 2014
Live Webinar: Best Practices in Substation Security November 17, 2014 1 Agenda & Panelists Welcome & Introduction - Allan Wick, CFE, CPP, PSP, PCI, CBCP Enterprise Security Manager-CSO Tri-State Generation
More informationPOWERING A CONNECTED ASIA. Pacnet Hong Kong DataSpace1 Technical Specifications. Advanced Data Center Facility for Multi-Site Enterprises
POWERING A CONNECTED ASIA Pacnet Hong Kong DataSpace1 Technical Specifications Advanced Data Center Facility for Multi-Site Enterprises Pacnet Hong Kong DataSpce1 (HKDS1) provides an ideal environment
More informationThe City of Mississauga may install Closed Circuit Television (CCTV) Traffic Monitoring System cameras within the Municipal Road Allowance.
Policy Number: 10-09-02 Section: Roads and Traffic Subsection: Traffic Operations Effective Date: April 25, 2012 Last Review Date: Approved by: Council Owner Division/Contact: For information on the CCTV
More informationWatson Developer Cloud Security Overview
Watson Developer Cloud Security Overview Introduction This document provides a high-level overview of the measures and safeguards that IBM implements to protect and separate data between customers for
More informationPRODUCTS & SERVICES. colocation services
PRODUCTS & SERVICES colocation services Equinix is the preferred destination for companies who control the world s most valued information assets. Our International Business Exchange (IBX ) centers are
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 5 Host, Application, and Data Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 5 Host, Application, and Data Security Objectives List the steps for securing a host computer Define application security Explain
More informationBuilding Automation & Control System Vulnerabilities
1 Building Automation & Control System Vulnerabilities by Is there an open door into your facility? Dave Brooks, PhD Associate Professor, Security Science School of Science 1 2 OVERVIEW Background of Research
More informationYOUR CONDUIT TO THE CLOUD
COLOCATION YOUR CONDUIT TO THE CLOUD MASSIVE NETWORKS Enterprise-Class Data Transport Solutions SUMMARY COLOCATION PROVIDERS ARE EVERYWHERE. With so many to choose from, how do you know which one is right
More informationL18: Integrate Control Disciplines to Increase Control and Save Money
L18: Integrate Control Disciplines to Increase Control and Save Money Kathleen Lucey, FBCI Montague Risk kalucey@montaguetm.com tel: 1.516.676.9234 Connections Information Security (computer security,
More informationOUTSOURCED FACILITIES MANAGEMENT SERVICES CAPE TOWN
OUTSOURCED FACILITIES MANAGEMENT SERVICES CAPE TOWN LOCATION OF SERVICE REQUIRED 141 Voortrekker road Parow Cape Town Areas: Offices Entrance foyers Balcony Toilets Basements Conference rooms Store rooms
More informationMECHANICAL CONTRACTORS ASSOCIATION OF AMERICA, INC. CLEANROOM PIPING AND PROCEDURES BASIC CONSIDERATIONS
BASIC CONSIDERATIONS For the mechanical contractor, cleanroom construction involves the installation of high purity piping which support an ultra clean environment. This involves extremely stringent requirements
More informationData center relocation needs physical infrastructure availability evaluation and standardization. Martin Puš, SYSTEMING Prague, 4th October 2016
Data center relocation needs physical infrastructure availability evaluation and standardization Martin Puš, SYSTEMING Prague, 4th October 2016 DC relocation process What Reason of relocation? What to
More informationIT Service Delivery And Support Week Eight - Data Center
IT Service Delivery And Support Week Eight - Data Center IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao 1 Data Center 101 Facility-Based Controls Physical security HVAC Fire Suppression
More informationPHYSICAL AND ENVIRONMENTAL SECURITY
PHYSICAL AND ENVIRONMENTAL SECURITY 1.0 STANDARD FOR PHYSICAL AND ENVIRONMENTAL SECURITY - EQUIPMENT 1.1 PURPOSE The purpose of this standard is to establish baseline controls to prevent loss, damage,
More informationSabey Data Center Properties CONSOLIDATED WORK RULES
Sabey Data Center Properties CONSOLIDATED WORK RULES Contents Overview... 2 Building Security... 2 General... 2 Access Badge Display... 2 Security Rounds... 2 Access to Secure Spaces... 2 Emergency Exits...
More informationStandard CIP Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-1 3. Purpose: Standard CIP-006 is intended to ensure the implementation of a physical security program
More informationInfrastructure Checklist
Infrastructure Checklist Prepared By: Neville Turbit Version 1.0 1 Feb 09 Table of Contents Document Origin... 2 Change History... 2 Overview... 3 Points to Consider... 4 Document Origin o. Author Department
More informationU.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC)
U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC) Security Risk Assessment Tool Physical Safeguards Content Version Date:
More informationIS-906: Workplace Security Awareness. Visual 1 IS-906: Workplace Security Awareness
IS-906: Workplace Security Awareness Visual 1 Course Administration Sign-in sheet Course evaluation forms Site logistics Emergency procedures Breaks Restrooms Cell phones/blackberrys Visual 2 Course Objectives
More informationColocation Checklist Not all data centers are created equal.
Colocation Checklist Not all data centers are created equal. They vary in performance, reliability, control and security standards. Know what to look for in a colocation provider with this comprehensive
More informationData Center Checklist
Data Center Checklist The use of colocation and services has continued to increase, rapidly becoming the solution of choice for organizations requiring an efficient, secure, cost-effective way to manage
More informationTELEPLAN JOURNEY TOWARDS ACHIEVING ISO Presented by Anthony Abraham & Tejpal Singh Date : 2 nd April 2013.
TELEPLAN JOURNEY TOWARDS ACHIEVING ISO 28000 Presented by Anthony Abraham & Tejpal Singh Date : 2 nd April 2013. AGENDA About Teleplan Introduction Our shared Experience Where to Start Reap the Rewards
More informationGallagher Critical Infrastructure Solutions
Gallagher Critical Infrastructure Solutions Gallagher secures from the perimeter including gates, through to the facility access points and interior areas security.gallagher.co 2 Introducing Gallagher
More informationOpen Access. Definitions
Open-IX Data Center Technical Standards Version 2.0, January 1, 2018 Questions: dc-group@open-ix.org The purpose of the Open- IX Data Center Technical Standards document is to establish a recommended standard
More informationAccess UK Ltd. Data centre Security. Data Centre Summary v.2.0 _ December Date: 12 th January Version: 1.1. Parkinson / Daniel Gould
Access UK Ltd Data centre Security Date: 12 th January 2017 Version: 1.1 Authors: Tracy Wiseman/ Rob Parkinson / Daniel Gould Table of Contents Table of Contents... 2 Introduction... 3 Our Certifications...
More informationSECTION SPECIAL SYSTEMS. Website and Construction Cameras
PART 1 GENERAL SECTION 01121 SPECIAL SYSTEMS 1.01 WORK INCLUDED A. Project Construction Site Cameras and Video Streaming Servers B. Project Web site C. Network & Infrastructure D. Internet Connectivity
More informationIntegrated Cloud Environment Security White Paper
Integrated Cloud Environment Security White Paper 2012-2016 Ricoh Americas Corporation R i c o h A m e r i c a s C o r p o r a t i o n R i c o h A m e r i c a s C o r p o r a t i o n It is the reader's
More informationDATACENTER COLOCATION. Flexible, Secure and Connected
DATACENTER COLOCATION Flexible, Secure and Connected Flexible Solutions for Your Requirements Contents Your Goals 2 Compound and Buildings 4 Security 6 Infrastructure 8 Free Choice 10 Good Reasons 12 Our
More informationConfiguration and Operation Manual for the SALTO
AxxonSoft Configuration and Operation Manual for the SALTO Integration Module Version 1.2 Moscow, 2011 Contents CONTENTS... 2 1 LIST OF TERMS... 3 2 INTRODUCTION... 4 2.1 Purpose of document... 4 2.2 Structure
More informationA Safer World. A Secure Tomorrow. SECURITY AUDITS CONSULTANCY TRAINING.
A Safer World. A Secure Tomorrow. SECURITY AUDITS CONSULTANCY TRAINING www.consultmipl.com MIPL is a security consulting company from India, offering sustainable designs and solutions for security management.
More informationData Centre Stockholm II, Sweden Flexible, advanced and efficient by design.
Data Centre Stockholm II, Sweden Flexible, advanced and efficient by design. TelecityGroup Kvastvägen 25-29 128 62 Sköndal Stockholm Sweden Tel: +46 (0) 8 799 3800 se.info@telecity.com www.telecitygroup.se
More informationTECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES
TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control
More informationRed Solutions Oman Security As An Experience
Red Solutions Oman Security As An Experience AUTONOMOUS OPERATIONAL SUSTAINABILITY OUTSOURCED SECURITY ENGINEERING DESIGN BUILD INTEGRATE & TEST Government Advisory Physical Security Education Design Information
More informationSAND No C Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department
SAND No. 2012-1606C S 0 606C Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy s National Nuclear Security Administration
More informationFact sheet FRANKFURT DATA CENTRE CAMPUS. Connect, transact and grow
Fact sheet FRANKFURT DATA CENTRE CAMPUS Connect, transact and grow WELCOME TO FRANKFURT On the infrastructure side, the location Frankfurt am Main is the backbone of the digital business in Germany. As
More informationInformation Security Management Criteria for Our Business Partners
Information Security Management Criteria for Our Business Partners Ver. 2.1 April 1, 2016 Global Procurement Company Information Security Enhancement Department Panasonic Corporation 1 Table of Contents
More information