We take security far more seriously than many data center operators. Beyond just a firewall or data center biometrics, we operate within a comprehensive security framework that accounts for every aspect of operating a secure data center including training, business practice standards, physical security, logical network security and change management procedures.
Secure HIPAA, PCI, SOX, and SAS 70 & SSAE 16 Audited Environments
The SAS 70 audit process includes an in-depth audit of the effectiveness of a service organization’s internal controls on physical, network, and data security to assure that our clients’ servers and data are protected and secure.
All of our Michigan data centers are SAS 70 Type II & SSAE 16 audited to provide the security and reliability needed to protect your data, and to provide the foundation for our HIPAA, PCI and SOX compliance.
As part of our SAS 70 & SSAE 16 processes, we enforce a password policy with automated security management systems, and specific information can be classified into unique security zones. Our security zones for client-only access meet HIPAA, PCI, CISP, and other audit requirements while still allowing us to successfully manage your colocation or managed dedicated servers.
All of our data centers require two-factor authentication for entry, log all entrances by keycard, utilize biometrics, and require visitors to log-in, badge and follow proprietary security procedures. Security cameras at all data centers record and retain a minimum of 90 days of activity, with around-the-clock environmental monitoring for temperature, humidity, water, smoke and fire. All of our UPS and core network areas remain secure from the client-accessible colocation area and are monitored 24x7 as well.
A private Gigabit network connects our Michigan data centers as well as redundant Gigabit connections to the Internet. Each client has private VLAN(s) on our core network with redundant firewalls for uninterrupted security and the ability to upgrade while in production. All of our clients’ networks are also protected by hardware firewalls and our Universal Threat Management (UTM) IDS/IPS system which protects against DOS, DDOS, port scans and other advanced intrusion attacks.
Secure Change Management
Our documented change management procedures include security reviews, and our unique, real-time support portal, OTPortal, also guarantees support requests are from trusted sources. With this same tool, we regularly and proactively schedule security credential confirmations with all our clients to ensure a secure change management protocol.
Data Center Security Training
When your company selects Online Tech as your data center partner, it is also selecting a team that has been fully trained in data center security. Ongoing security awareness training is standard for every Online Tech professional, starting with new hire training and refreshers at regular intervals. And before we hire, all recruits are carefully and meticulously screened with background checks by third-party firms.
As you can see, at Online Tech, we take security seriously.