Data Centre Checklist | Precept IT

  • Home
  • Data Centre Checklist

Precept are widely recognised as a trusted partner by many organisations to handle server hosting and co-location

If you are currently looking for a company to assist you please review the checklist below. This is the checklist we use to ensure appropriate physical security and environment controls are deployed for the data centre.

Give us a call today on 0800 122 3010 to discuss.

Question Response

1

If applicable, provide the name of the company you are leasing space from and the location (address) of the data centre where the application and data will be housed. The building is owned and maintained by Atlas Communications (T/A Bytel), 2 Heron Road, Belfast BT3 9LE

2

Describe how access to the data centre is secured (i.e. badge access, biometrics, etc.)? Proximity card only with restricted access to company staff. Daytime access is escorted, out of hours access is by appointment only.

3

How often is access to the data centre reviewed for appropriateness? Ongoing.

4

How is visitor access to the data centre handled? By appointment only. For out of hours scheduled access this is either by escort or time restricted pass

5

Who will have physical access to the Infrastructure (servers, data) and for what purpose (i.e. administrators, leasing company personnel, etc)? Within Atlas communications, data centre engineering staff only, however physical access to equipment by our staff is driven solely by PRECEPT IT customer requirements and permission to access racks.

6

How are customer resources such as server racks and network devices segregated from each other and secured? Racks are locked. Where customer is taking sufficient space (from 1/4 rack/10U and above) individually locked compartments are available

7

How are the racks attached to an electrical ground? All racks are electrically grounded via earth wiring

8

Does Precept IT use Tape backups? How are backup operated and how does Precept IT ensure against data loss in the advent of a data centre fire? Precept IT no longer uses Tape backups. Tapes have proven on average to result in failures of 15-20% at crucial data recovery moments. Precept IT uses network related storage on high availability backup servers located onsite in the Heron Road Data Centre and Offsite in another datacentre. The data is synchronised nightly between data centres.

9

How is customer data handled by Precept IT? Precept IT shall not keep any data relating to a client longer than the express wishes of the client. Precept IT will respect any existing retention policy in place by the client. Should any retention policy undermine Precept IT’ ability to provide an adequate service, the client will be notified of the risk they are undertaking.

10

How does Precept IT protect against unauthorised recovery of information? All data stored on the Precept IT backup servers is stored on an encrypted file system so if someone was to physically remove the servers from the Colo facility, they would take more than 1×108 years to decrypt the data at current computer speeds.

11

Provide information about breaches at the data centre:

  1. Under what circumstances do you notify your customers of breaches?
  2. For Leased spaced facilities (if applicable)
    1. Is the leasing company legally obligated to notify you of the breach?
    2. How soon after the breach are you notified?
All customers are formally notified of any data centre issues via email, text or phone call of any security breach usually within 48 hours. This would be followed by formal letter from Atlas Communications as the owner of the building

12

Provide information about network monitoring:

  1. Describe the security monitoring techniques used to detect unauthorised access to data centre networks (e.g. Intrusion Detection/Prevention).
  2. Who is responsible for monitoring the events?
Atlas maintains core network in terms of Internet access access and within data centre equipment. This is monitored via threshold monitoring for attack or pre-attack activity. In the event of any attack Atlas has in place a number of measures to ensure that attacks are blocked, deflected or outrun. Precept IT uses Nagios Monitoring and IDS to monitor life signs on all Precept IT Servers 24/7. Should a particular problem occur, an engineer would be notified via SMS to deal with the particular issue.

13

Provide information about Closed Circuit TV:

  1. Are cameras (CCTV surveillance) used to monitor the data centre?
  2. How long are the videos retained?
  3. Provide a list of areas that are monitored by CCTV (access doors, customer racks, building perimeter, etc.)
There are number of cameras both external and internal to the data centre. These record all activity and are movement activated. Videos are retained for 18 months unless un-used. Data Centre entrances both external and internal are monitored. As centre operates a largely escorted access, all access is logged by swipe cards which are registered to individuals with Atlas’ team.

14

Provide information about the Tier Rating (qualifies for):

  1. Mechanical systems
  2. Electrical systems
  1. Tier 3
  2. Tier 3

15

Describe the cooling system for the data centre. The system used a hybrid ambient filtered air cooling and conventional dual HVAC system (the latter element providing data centre +50%). This enables most efficient use of cooling with as low an energy footprint as possible.

16

What is the average temperature at the air intake of the servers? 22 degrees C

17

Provide information about the Computer Room Air Handling Unit (CRAHU):

  1. How many CRAHU are installed?
  2. What is the model type?
  3. What is the Maintenance Schedule for CRAHUs, Chillers, Pumps, Cooling towers?
  4. Is there N+1 capacity at every level of the cooling system, CRAHU, Chillers, Pumps, Cooling Tower, Pipes?
Two large and two smaller units. Maintenance is annual bearing in mind that ambient air cooling maintains a large element of the data centre cooling regime reducing conventional HVAC use. CIAT & Mitsubishi Electrics data centre maintains the ability to support full cooling in the event of any single element in the infrastructure (Ambient or HVAC) failure.

18

What is the total power load in the Data Centre? 300amps

19

Does the data centre have dual power feeds from the Utility Provider and are the feeds in separate vaults? Currently feeds from ESB & NIE. These feeds are the same vault at a numbers of points

20

Describe the use of security guards during and after business hours. The area is in an industrial zone and patrolled by private security guards. In addition the area has its own police force (Belfast Harbour Police who also are responsible for security) The latter provides camera based car registration plate recognition of traffic in and out of the area.

21

Is emergency lighting and audible alarms used in the data centre? Yes. In the event of any failure, ambient lighting is maintained to the exits and klaxon style alarms are used in the event of serious incident such as fire.

22

Provide information about Uninterruptible Power Source (UPS).

  1. How many UPS systems do you have
  2. What is the capacity of each UPS
  3. What is the current connected load of each UPS
  4. What is the maintenance schedule
2 UPS systems are in place, each of 120Kva. Current loads are in the region of 75-80Kva. Maintenance is annual.

23

Is all electrical maintenance performed concurrently or are there required electrical shutdowns? Any electrical shutdown would be supported by automatic generator failover.

24

Provide information about backup generators:

  1. How many generators do you have
  2. What is the capacity of the generators
  3. Is there N+1 capacity in the generator set
  4. What is the generator’s maintenance schedule
  5. How much fuel is stored on site
  6. How often is the fuel cleaned and chemically tested
1 x generator is in use with 12 hours on a full tank with data centre at full load. Maintenance and testing is monthly as per manufacturer recommendation. No fuel is stored onsite for safety reasons. We have contracts in place with suppliers for emergency refills. Fuel is tested as part of a 6 monthly schedule

25

Provide information about fire suppression system:

  1. Describe system used for the data centre (i.e. dry pipe, sprinklers, FM200, VESDA, etc.)
  2. How often is the fire suppression system inspected?
FM200 system inert gas fire suppression system. System is inspected annually including all tank tests, refills and pressure testing.

26

What is the fire rating (in hours) for the walls surrounding the data centre? 1 hour gypsum rated internal walls.

27

Are all cable holes in and out of the data centre sealed with a fire rated seal? Yes. Fire retardant sealant is used to seal such areas as is required for fire suppression system to operate successfully.

28

Provide information for data centre maintenance:

  1. What procedures are in place to keep cardboard and combustibles out of the data centre?
  2. What is the cleaning schedule for the data centre
  3. How often is the raised floor, sub-floor vacuumed
  1. None are allowed within the data centre location at any time.
  2. Inspected weekly.
  3. Potentially weekly for raised floor and as required for sub floor

29

If there is office space on the floors above the data centre – does the floor above the data centre have a water protective membrane? No.

30

How does PRECEPT IT assure Internet Security? Precept IT adheres to Good Security Practice and takes Internet Security extremely seriously. Precept IT shall use best efforts to prevent denial of service attacks, viruses, worms, hackers or other malicious events or codes from affecting service availability. In addition, Precept IT will keep confidential all of your information held by it in the course of providing the services and use such information only for the purposes provided for in this agreement. Precept IT currently utilities security appliances made by Cisco Systems. Notably all servers are protected by a variety of PIX or ASA security appliances depending on the needs of the client and hosting contract agreed.

30

Service credits, guaranteed availability and software provision Precept IT shall provide 24x7x52 service availability for your hosted service, except where essential maintenance is required. Essential maintenance will be carried out outside the standard UK working day (9am-5pm) and Precept IT will notify the client of this work 7 days in advance of completion. Precept IT does not guarantee service availability under this SLA and no service credits are available for temporary loss of service.

31

Equipment Redundancy Precept IT ensures that it has adequate N+1 equipment on firewalls, switches and servers when deploying new equipment in the advent of hardware failure. This allows a direct swap out with a minimum of fuss of downtime.