Security and Compliance Information
Cirrascale Cloud Services data centers employ a number of unique security protocols and technologies which help our clients comply with the most stringent of regulatory requirements. Combine those features with 24/7/365 armed security and mature operational controls and Cirrascale Cloud Services becomes a valuable asset and partner for clients in highly-regulated industries. Additionally, our data centers meet, exceed, and can provide documentation around the necessary infrastructure-related controls to help clients meet HIPAA, PCI-DSS, ITAR and GLB compliance standards.
Cirrascale Cloud Services data centers are specifically designed to provide mission-critical reliability and continuity of service. Industry leading physical security features, including an armed security presence, and rigid physical controls policies help protect client assets and uninterrupted operations.
Each data center is audited annually to the SSAE-16 /ISAE SOC1 Type 2 and SOC2 Type 2 standards.
Physical Security Controls
Access to our data centers is strictly regulated. All entrances are monitored by security personnel, in addition to two factor access control and utilize alarms for non-standard operations states. Data centers are staffed and patrolled by armed security officers to enhance physical security features and to provide protection for critical services housed within the data centers.
Extensive use of digital security cameras monitor: all building entrance and egress areas, data center access points, all data center floor space where service equipment may be housed, and other areas designated and critical or sensitive.
Our facilities are protected by industry leading cabinet based fire suppression systems, minimizing the risk of collateral damage from an actual fire or false positive result. This risk mitigating platform provides significant improvements over traditional zone based suppression platforms.
Power & HVAC Systems
Our data centers are designed to meet high standards of redundancy. These include critical power and cooling platforms which are provisioned in a fault-tolerant, A+B configuration. Critical power load for each facility is supported by both redundant UPS systems and redundant emergency power generation systems.
In addition to the listed controls, our data centers undergo consistent Facilities Monitoring (FacMon) reviews. Data from critical systems are sampled and charted to allow for historic reporting and trend analysis.
Technical and Logical Controls
Industry-standard link encryption and authentication methods such as IPsec, SSH and MPLS are utilized to ensure the security of data during transmission. A multi-tiered set of defensive services are also used to strictly control network access to the data centers themselves.
Access services and platforms supporting the Cirrascale Cloud Services platform are strictly monitored. Servers and platforms are selected and configured to maximize their reliability and security, and are configured to prevent intrusions and protect against day‐to‐day threats.
Client data transfers may be made from the client’s environment to our data centers via standard IPsec, SSH, MPLS or other direct network connection services. All non‐required firewall ports are blocked.
Intrusion Prevention Systems
We utilize enterprise-grade intrusion detection / intrusion prevention systems (IDS/IPS) to provide early detection of malicious activities.
Network and Security Monitoring
Our critical service platforms are managed by our distributed systems and security operations teams. System logs, as well as firewall and IDS/IPS event alerts are relayed and escalated 24/7/365 to facilitate early detection of any malicious events.
Need More Information
Regarding Security and Compliance?
Due to the restrictions enterprise companies may have regarding confidential data, we understand that using cloud resources may seem impossible. We're confident we can help find a solution that can ease your security concerns. Contact us today at (888) 942-3800 to discuss your options.