Independent Annual Auditing.
- PCI Compliant Hosting - For ecommerce companies that need to protect customer credit cardholder data (CHD).
- HIPAA Compliant Hosting - For healthcare organizations and software companies that need to protect patient health information (PHI). Online Tech is BAA ready!
- SAS 70/SSAE 16/SOC 1 SOX Compliant Hosting - For companies that need to meet financial regulations. No two SSAE 16 reports are the same - make sure you compare the fine print.
- SOC 2 Compliant Hosting - Get assurance from the first standardized audit with common criteria for data center security, availability, processing integrity, confidentiality, and privacy.
Physical & Logical Security.
- Security administration for client control access to data center, colocation suites, cages and individual racks.
- Access to managed dedicated servers, cloud hosting, network and power infrastructure is restricted to authorized Online Tech personnel.
- Stringent employee background checks, training and termination procedures to protect your servers and data.
- Environmental control with 24x7 monitoring and alarming.
Monitoring & Logging.
- Automated issue tracking system to record, manage and track any security incident.
- Event notification and alarming to data center staff that is logged. Management is automatically alerted of critical security events.
- Systems are monitored and any significant changes are relayed to clients via maintenance announcements.
- A customer issue and tracking system that tracks and escalates client issues until closed.
High Availability Infrastructure.
- Always on power infrastructure with redundant (N+1) generators, UPSs, PDUs and power drops to racks.
- Always connected, redundant Internet access at each data center through multiple Internet providers with separate fiber paths into each data center.
- Cisco network infrastructure with redundant routers, switches and paired universal threat management devices which provide firewalls, IDS and IPS protection to help assure continuous service.
- Fully audited offsite backup process with a secure, restricted client data restoration process.