Leading Colorado Springs Datacenter’s Security Controls Independently Certified

Posted on April 9, 2014 by Randal Kohutek

Data102, LLC. Achieves Examination in Conformity with Statement on Standards for Attestation Engagements (SSAE) No. 16 Type II Certification after Extensive Audit

Recently, A-lign CPAs of Tampa, FL, an independent auditing agency, certified that Data102 – Southern Colorado’s premiere, privately held data center—was compliant with Statement on Standards for Attestation Engagements (SSAE) Number 16, after completing a Type II report. After achieving compliance with SSAE standards in October of 2012, Data102 has maintained the highest standard of controls over its colocation services, and executed them throughout 2013 without exception.

In response to this achievement, Travis Taylor, VP of Business Development for Data102, said, “It’s been over a year since our initial audit, and we’ve succeeded at implementing and maintaining our security and operational controls, proving to our customers that we live up to the rigorous standards required for a Type II certification.”

The SSAE 16 certification is recognized by the Securities and Exchange Commission (SEC) as an acceptable verification of an organization’s internal security controls and procedures and is thus widely respected. Compliance is determined by an independent auditing agency that performs a thorough examination of control objectives, procedures, and safeguards, which include controls over information technology and infrastructure. Data102 has continued to implement and maintain strict security controls at itsColorado datacenter, which has now been independently certified according to SSAE standards.

At a time when more and more sensitive data is stored at data centers, Data102’s customers continue to have assurance that their data center is taking every possible precaution to keep them safe. Both the Type I and Type II reports are accessible and show Data102’s established controls and their effectiveness as reported by the auditors:

Type I provides a description of controls at a specific and particular point in time;
Type II includes this description and provides details regarding the testing of controls over a given period. With a Type II report, customers will be able to determine that these controls were in operation, satisfactorily designed, and operating productively for the duration of the testing period.

Randal Kohutek, VP of Operations, added, “I’m proud that our team has met the requirements to obtain SSAE16 Type II certification, and am glad that we bring this high level of execution to our clients.”

About Data102 LLC
Data102, LLC is a Colorado Springs data center and IT services provider. They offer a breadth of services includingcolocation, bandwidth, last mile Internet, Voice over IP (VoIP), virtualization, cloud servers, managed firewalls and website hosting. For more information about Data102 LLC, visit us at data102.com

View this press release at prweb.com

Cool Running – Hot Aisle Containment at Data102

Posted on April 8, 2014 by Randal Kohutek

The number one job of a data center is to keep the servers up and humming along, but this is not as easy as it may sound. Servers cannot simply be plugged in, stacked in a cabinet, and connected.

Not only must they be monitored, secured, and maintained, they must also be kept cool at all times, night and day, to ensure that the hardware stays intact and that service is not interrupted.

The infrastructure required to do this is costly and sophisticated. One of the main strategies used by Data102 to keep its servers cool and at peak efficiency is called hot aisle containment (HAC).

Like all electronics, bad things happen when servers get too hot, which can easily happen. Servers have fans similar to your home computer that take in cooler air from the front and blow hot air out the back. When servers are arranged haphazardly or in rows facing the same direction, they suck in hot air from the back of the other servers, meaning they can overheat very quickly.

This causes a number of problems:

Damaged CPUs and power supplies—even after just a few minutes of overheating
Potential data loss
System errors
Network interruption

All of these consequences in a data center can have a serious effect on a business’ productivity and profitability.

The Hot Aisle Containment Solution

The solution, then, is hot aisle containment. With hot aisle containment, servers are aligned in rows facing away from each other in alternating aisles so that they all blow hot air into the same space, which is contained by large plastic curtains. The hot air is then sucked out of these “hot aisles” and recycled through a large air conditioning unit called a CRAC (computer room air conditioning) that blows cold air up to the front of the servers from the floor. This cycle keeps the servers running at an ideal temperature (usually between 59 and 65 degrees Fahrenheit) at all times, regardless of weather or other factors.

Data102, the premier data center in Colorado Springs, uses hot aisle containment for a number of reasons:

To increase server longevity
Prevent data loss and connectivity issues
Maintain a cool datacenter overall
Improve the efficiency of the CRAC units
Create a chimney effect so that any excess hot air will rise out of the room.
Reduce energy costs

In order to ensure that our hot aisle containment system is doing the job, we monitor the temperature of each aisle and have checks in place to make sure that your server is always running at peak efficiency. These reports, along with our infrastructure experts, ensure that the servers keep humming, which means you stay connected with your customers.

Layer 3 Security and Linux

Posted on April 7, 2014 by Randal Kohutek

Your web server has been defaced for the third time in two months and your customers are starting to wonder. Some may even start to fear their personal information is at risk. With recent security breaches from big corporations like Michaels, Neiman Marcus, and Target², you would be hard pressed to come up with a reason why they shouldn’t be. These days, the Internet can be a caustic place and computer security (especially of the web variety) is becoming much more important to everyone, from the lowly startup to the great big software corporations.

The fact is the majority of visitors to a website may not be actual people at all butautomated bots searching pages for weaknesses (think computer programs that scan the web)¹. This information creates a very scary scenario of an Internet where malicious users can accomplish things automatically and in heavy volume.

However information one knows can also help them be prepared, which in this case would be fighting fire with a firewall. Many users have the IPTABLES service running on their Linux boxes right now, but have little to no idea how to configure it. It works as a firewall with rules set in place to allow network traffic in or out. Manually configuring IPTABLES can be a bear, especially when you are talking about possibly hundreds of unique IP’s hitting a server in an hour. It would be impossible for someone to be as dynamic as the Internet when it comes tomalicious traffic.

In order to counter the ever-increasing stream of garbage from the Internet, one could enlist the help of dynamic services like fail2ban to add an extra bit of security to their system. Fail2ban is a service that runs while your system is live and scans logs for diversions in a baseline that you can configure. It’s safe to say that a malicious user trying to break a system via the login screen of your web page will not be successful on the first go. Well with fail2ban, the malicious user might get 3 tries before fail2ban sees the login failures in the log file and bans the host by adding their IP to a jail file. Once in the jail, the host won’t even be able to request the page that it’s trying to break, effectively stopping the automated attack. The rules for what and when to ban are entirely up to the administrator, and work in tandem with many “native” Linux services. New filters can be applied using regex that looks for specific strings or methods of attack. Basically, if a person is consistent with their maintenance, they will be able to mitigate most bot-based attacks, at least of the web variety. The best part is that since fail2ban is just a daemon, you can run it on both virtualized and stand-alone servers without any issue.

Since fail2ban sits on the server and watches interactions with the logs, it doesn’t care what type of virtualization it might be using in regards to a VPS. However you do have to keep semi-decent logging for it to watch, which shouldn’t be an issue if your installs are defaulted. In short, fail2ban and other types of dynamic log monitoring services are great for watching real-time data and protecting from malicious users out on the net. That being said, there is no replacement for strong authentication protocol to include frequent password changes. In our next article, your premier Colorado data center will address the truth about passwords and what makes them strong or weak, as well as the importance of a firm password policy.