Not all clouds are created equal, Part IV

DATA PROTECTION, SECURITY AND PRIVACY: THE FOURTH KEY ELEMENT OF OUR BUSINESS GRADE CLOUD

 

(Did you miss part III of this series? If so, you can read it here.)

We believe that our greatest responsibility is to protect your data.

We also believe that, because it’s your data, you have the right to know where it resides. In addition to minimizing latency, that’s why we let you select which datacenter will protect your end user data: it provides the peace of mind that comes from knowing where your data is physically stored.

Data protection, security and privacy

Your data is also well-protected. Our Four Quadrant Design protects against data corruption and possible data loss due to hardware failure. We leverage Microsoft Database Availability groups with real-time replication between quadrants. Our infrastructure is designed to replicate data multiple times within one datacenter as well as on remote backup. Beyond that, we adhere to proven security and compliance practices and implement a strict privacy policy.

DATA PROTECTION

As we said, Red Rock Service’s Cloud Host maintains at least three copies of your data. Two of the copies reside on physical disks in separate corners of the database quadrants, ensuring service availability in the event one of our EMC or Hitachi units experience a failure. A third copy is archived to tape.

In our experience, data corruption is the largest threat to data integrity and availability. Our design makes it highly unlikely that corrupt data will replicate from one copy to another. This means that you will always have a good production copy of your data on at least one of our database quadrants.

To date, our Four Quadrant Design, combined with Microsoft’s improvements with DAGs and Shadowing for redundancy, has never lost data due to corruption. Nevertheless, a third copy of your data is stored on tape and backed-up daily using Symantec’s industry-leading Netbackup. This third copy of data is typically used only to provide point-in-time restores for individual users, as needed.

SECURITY STANDARDS

Red Rock Service’s Cloud Host’s commitment to security and privacy is of paramount importance. As the world’s largest provider of hosted Exchange mailbox services, security is in their DNA—and it has been for over 12 years.

To protect our customers’ data, we have implemented security controls, processes and technologies that far exceed what most businesses could reasonably build on their own. We also follow national and international security standards and best practices. As a corporate member of the Cloud Security Alliance, we continually help define industry best practices in information security.

THIRD-PARTY AUDITS

Red Rock Service’s Cloud Host undergoes annual third-party assessments to assure our customers of the highest security. We maintain ongoing SOC 2 Type II compliance. We’re happy to share a full report, subject to our non-disclosure agreement.

DEDICATED SECURITY TEAM

Red Rock Service’s Cloud Host employs a team of dedicated and certified information security experts who are focused on protecting your data every single day. Each team member maintains the following industry-leading certifications at a minimum:

  • Certified Information Systems Security Professionals (CISSP)
  • Certified Information Security Manager (CISM)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Incident Handler (GCIH)

NETWORK SECURITY

Our networks are protected in a number of critical ways:

  • Commercial-grade edge routers are configured to resist IP-based network attacks
  • Red Rock Service’s Cloud Host subscribes to Distributed Denial of Service (DDoS) protection through Verisign, one of the leading providers of network security
  • Commercial-grade firewalls ensure only needed ports and protocols are allowed
  • Custom-built intrusion detection systems detect and stop incoming attacks
  • DDoS mitigation services are employed
  • Red Rock Service’s Cloud Host’s production network is fully meshed, redundant and geographically dispersed to ensure uptime
  • Our dedicated production network is physically and logically segregated

SYSTEM SECURITY

To ensure system security, we adhere to the following practices:

  • All our systems are regularly patched to the latest versions of software to reduce exposure
  • All our systems are configured using hardened baselines
  • Our dedicated security team performs regular penetration tests against all our services

PRIVACY POLICY

Red Rock Service’s Cloud Host offers a clearly documented privacy policy. It guarantees that we will not access or use your data in any way, except when we have your permission to troubleshoot an issue. Intermedia is certified Safe Harbor compliant with the U.S. Department of Commerce.

To read Red Rock Service’s Cloud Host’s Privacy Policy, click here.

CONCLUSION

As you consider your options for the cloud, remember the value of experience. It’s not just about technology, it’s about how technology is implemented. And implementation is wholly a function of experience.

Not all clouds are created equal. Intermedia’s cloud is born out of 12 years of experience with a relentless focus on performance, availability and data protection. Our Exchange cloud is at the top of the industry today—and our engineers and architects are working to keep it that way long into the future.

As you consider the cloud to support your business infrastructure, consider the experience that underpins it.