Green Cloud Hosting Data Center Facility Info
RemoteWorkplace & Hosting Facility Security
Disaster Recovery Information
At True North Networks, we pride ourselves in providing safe and secure remote access to our customer’s networks and for our various hosting options and servers. This document will provide detailed information on our facility, security, and disaster recovery procedures currently in place.
The True North Networks hosting servers are housed with Green Cloud Technologies. The Green Cloud Infrastructure is housed in 2 geographically diverse Tier III Data centers. As such these data centers maintain diverse fiber entrance facilities, diverse network providers, diverse power feed, both diesel and natural gas generators, redundant UPS systems, and redundant cooling and dehumidification. Within each data center Green Cloud maintains redundancy at every level of the infrastructure from redundant routing and switching hardware, redundant network interconnections, redundant storage arrays, redundant blade computer chassis, to high availability features of the VMWare hypervisor. In addition to the redundancy of each individual data center site, Green Cloud maintains data replication between both data centers to ensure availability of our customers servers in the event of a natural disaster or other catastrophic events at one of the 2 sites.
- SSAE 16 SOC I Type II certifications
- Strict security policies and procedures help our clients meet regulatory demands and compliance guidelines set forth by HIPAA, SOX, PCI, etc.
- 365x24x7 on-site personnel and monitored video surveillance
- Card key plus PIN to access facility
- Card key / biometric fingerprint to critical areas
- Individually locked cabinets and cages
- Photoelectric wall beams
- Digital cameras
- Redundant backup power via multiple UPSs and generators
- Redundant network infrastructure
- Utilization of Cisco routing and switching with strict access, protecting the borders of our network, and VMware’s vShield Edge firewall, protecting all servers
- Utilization of SSL VPN with two-factor authentication for all remote access
- All storage subsystem traffic is segmented on private isolated network to protect customer data
- All systems are managed by named user logins with granular user access; system access is logged to a centralized logging subsystem for auditing purposes
- IPSEC for encryption to avoid sensitive data traversing the public Internet
- Utilization of private WAN circuits between locations
- Frequent critical and non-critical system patching and upgrade cycles to ensure all systems are protected from known and identified threats
- Technology Services Liability Coverage
- Miscellaneous Professional Liability Services Coverage
- Technology Products Liability Coverage
- Media Content Services Liability Coverage
- Network Security Liability Coverage
- Privacy Liability Coverage
- First Party Extortion Threat Coverage
- First Party Crisis Management Expense Coverage
- First Party Business Interruption Coverage
The True North Networks technical staff consists of highly qualified network engineers and technicians. With backgrounds in security, law enforcement, and financial industries, our staff has tremendous knowledge and experience with both information security and compliance issues. Industry standard certifications held by our engineers include: Certified Information Systems Security Professional (CISSP), A+ Certified, Microsoft Certified Professional (MCP), Microsoft Certified Systems Engineer (MCSE), SonicWALL Certified Security Administrator (CSSA) and AuthAnvil Token Certified Professionals.
All True North Networks staff have gone through a criminal background check before being employed.
True North Networks is primarily an information security company. RemoteWorkplace® is a secure remote access solution for companies who need secure access to their company networks. Clients who use our various hosting services use RemoteWorkplace® to access either servers or our hosting servers.
RemoteWorkplace® transmits login information using industry-standard SSL 128-bit encryption, the same encryption used by most financial institutions to protect online transactions. A unique username and password for each user, and a realm name unique to each client are all required to login to RemoteWorkplace®. Passwords must be complex, and must be changed every 60-90 days.
Backup and Disaster Recovery
Every information system needs an excellent backup strategy in case of accidental data loss, and a contingency plan in the event of a disaster. At True North Networks, we have multiple backup plans in place to protect our clients’ data, and to restore systems quickly in the event of a major disaster.
We employ multiple layers of backups to ensure our ability to retrieve data. Backups execute at various intervals – hours, days, weeks, months –providing overlapping copies that cover all points in time. We also archive a monthly backup and store it offsite for 5-7 years. All backups that are stored offsite are protected with passwords, and encoded with 256-bit encryption. Passwords are only known by True North engineers, and the success of all backups are checked manual each day.
We use various software and technologies to accomplish our daily and disaster recovery backups:
- Green Cloud Technologies Server imaging software.
- Datto – Virtualization enabled backup and recovery software for image and file level replication.
- Offsite replication to a second data center for disaster recovery.
These plans and procedures are reviewed and revised as the situations warrant, or as new technology becomes available. We will also make sure that we have the best method for disaster recovery and will adjust our planning and procedures to use the best technology to accomplish this.
These procedures are subject to change without notice.