PHYSICAL SECURITY
Physical security is a top priority of TRIO DATA SYSTEMS's datacenter. The main functions of the infrastructure's multi-level security are:
- Access control
- Reliability
- N+1 Architecture
- Electrical system
- Environmental control
- Fire detection & suppression
- Connectivity
Access control
TRIO DATA SYSTEMS's datacenter is monitored 24/7 by security officers trained with strict procedures. Those security services consist of:
- Monitoring of premises from control room
- Regular patrols carried out by security officers
- Strict procedures for the production of security cards
- No unauthorized access accepted
- Video Surveillance of premises and archiving to tape
- Door access controls at main site and building entrances
- Proximity activation cards to authorize access levels
- Movement logs on all proximity card usage for the whole system
- Internal and external CCTV cameras and digital image archiving
- Internal and external intruder detection devices
- Vehicle entrance barriers and secure loading bays
- Strict policies on handling customers’ postal packages
- Security systems linked to central BMS
- 24x7 monitoring by security teams trained with strict procedures
Reliability
TRIO DATA SYSTEMS's datacenter is a highly reliable facility thanks to its design, and also to the maintenance and administration procedures applied. The cutting-edge technical environments fully meet the highest needs for reliability, security and scalability.
- Uninterrupted and redundant electrical and air-conditioning systems
- Sophisticated fire detection & suppression systems
- Operation, monitoring and maintenance of technical facilities and equipment 24/7
- Environmental control (temperature and humidity)
- Scalability and flexibility
- Access to multiple telecommunications providers
« N+1 » Architecture
TRIO DATA SYSTEMS's datacenter has been designed and is operated on the basis of N+1 architecture. In other words, technical facilities are systematically paired with a standby spare unit in addition to normal operational requirements (N). For example, the standard requires only one power supply but the datacenter is equipped with two separate power supplies; the standard requires only one emergency power supply but the datacenter is equipped with an additional one.
N+1 architecture applies to every critical facility and system, including:
- Primary high-voltage power supply
- Emergency power supplies and inverters (UPS)
- Electrical switchboards A&B
- Air-conditioning units
- Pumps
- Air processing equipment
- Fire detection & suppression systems
Electrical system
The reliability of TRIO DATA SYSTEMS's datacenter is based upon high-performance, redundant electrical systems. They were designed to greatly reduce the risk of electrical breakdowns, to be fast to repair and to allow alterations without interruption of service. As a result, when a long-lasting power outage occurs in the outside grid network (blackout), equipment is kept in operation:
- Connection to the high-voltage network through different supply cables
- Low-voltage switchboards for the power supply of computer rooms
- Standard electric capacity of 800 W/m²
- Redundant electric transformer stations
- Emergency power supplies with maximum autonomy of 24 hours at full load
- Inverters (UPS)
- On-site fuel capacity is enough to operate for several days, with priority restocking contracts
- Scheduled and preventive maintenance plans on every technical facility
- 24/7 round the clock presence of technicians and controllers trained with quality procedures
Environmental control
TRIO DATA SYSTEMS's datacenter has been designed to meet the highest requirements in terms of environmental and air-conditioning controls, including the high cooling capability required by blade servers. The facilities offer a centralized air-conditioning system linked to the BMS (Building Management System). The cooling capacity that can be used for the computer equipment is around 600 to 750 watts per square meter. The other key features are:
- Air-conditioning units
- Continuous regulation of temperature and humidity
- Flexible solutions of ice supply ready for the use of « Direct Piped » and « Down Flow » air-conditioning units.
- Adjustable ventilation grids inside the raised floor for better airflow distribution
- Scheduled and preventive maintenance operated by qualified technicians 24/7 round the clock
- Service Level Agreement (SLA) for temperature and hygrometry rate
Fire Detection & Suppression
We protect all our facilities with sophisticated fire detection and suppression systems built to N+1. If a fire breaks out, these will react rapidly to minimize the impact and reduce the chance of it spreading to other areas.
As standard, we provide three stage detection systems in plant and technical areas, and fire detection in every room below raised floors and in ceiling voids. Other key features are :
- VESDA (Very Early Smoke Detection Apparatus) systems
- Environmentally-friendly gas suppression systems using Argonite or Inergen
- Gas and smoke extraction in conjunction with pressure relief systems
- Fire alarms and wet-pipe sprinkler systems in ancillary areas
- Fire detection and suppression systems linked to BMS
- On-site 24x7 monitoring
Connectivity
TRIO DATA SYSTEMS's datacenter works with major telecommunications providers and offers access to a great number of Internet traffic exchange points. The facilities typically provide:
- Efficient cable routing using underground ducts, building service risers and cable trays
- Two fiber entry ducts into buildings and Meet Me Rooms (MMR)
- Splicing chambers and draw pits
- Two MMRs for fast connectivity from carrier to carrier or customer
- Multiple riser points to each floor
- Strict cable management systems (with color coding for quick identification)
- Satellite and antennae roof space for customers’ equipment
LOGICAL SECURITY
Logical security is the second requirement for protecting the integrity of our customers' data. We built it by layering the following elements:
- Firewall
- SSL Certification
- Backups
- Anti-Spam
- Anti-Virus
Firewall
The firewall is nowadays considered one of the fundamental components of the security of any computer network. It makes it possible to apply access rules to network resources (servers). Its main task is to control traffic between trust zones by filtering the data traveling between them. Usually, trust zones include the Internet (untrusted zone) and at least one internal network (a zone considered more reliable).
The goal is to provide controlled connectivity between the different levels of trust, through the use of security policies and a connection model based on filtering rules.
The filtering can be done on several criteria. The most common ones are :
- the origin or destination of packets (IP address, or UDP port, network interface, etc.)
- options contained inside data (fragmentation, validity, etc.)
- data itself (size, pattern matching, etc.)
- users, for the most recent firewalls
Firewalls installed on TRIO DATA SYSTEMS servers ensure:
- Detection of every type of hacker attack
  The powerful integrated Intrusion Detection System (IDS) protects the servers against known and unknown attacks. It filters the incoming data flow and decides whether it is legitimate or not, either by comparing it to models of known attacks or by performing behavioral analysis.
- Protection of every type of network connection
  The Ethernet protection module protects transiting packets so that they cannot be diverted. Attacks of this kind can also disable or disrupt network connections. That is why it blocks every intrusion that tries to place itself inside the network connections.
- Prevention of every kind of infection from spy software
  The anti-spy module keeps servers away from the threat of being infected by spy software and of losing confidential data. Spy software is blocked at every possible step: installation, activation, transmission of data and re-installation. The real-time anti-spy monitor makes sure, by controlling the critical areas of the system, that no spy software can activate itself on the servers; they will always be kept clean and healthy. The on-demand analysis scans the system to find any trace of disabled spy software and delete it for good.
- Protection against any type of data theft
  The anti-leak function continuously monitors the interactions between applications and so forbids malicious software from taking control of approved applications and accessing the network in their name. The anti-leak protection guards against tens of known malicious methods of stealing personal data by slipping through the net of the detectors at the exit of the firewall.
- Quarantine of mail attachments
  The quarantine of mail attachments protects against the accidental opening of attachments infected by viruses, worms and other malicious software. The quarantine also makes it possible to customize the kinds of attachments that must be blocked.
- Network activity monitoring
  The network activity dashboard monitors and shows every established connection between the servers and other computers on the Internet. Administrators can therefore know at any moment who is connected to the servers.
- Packet/application filtering
  Thanks to its process-based data filtering system, the firewall acts as a virtual checkpoint for data coming in and out of applications. Based on known attributes or following the instructions of the user, it automatically sets up the applications allowed to communicate through the local network or the Internet. Should it be needed, administrators can forbid any unwanted program from accessing the Internet thanks to those application access rules. Packet filtering is a low-level technique which makes it possible to select the protocols, remote ports and addresses allowed to be accessed from the servers.
- Multi-purpose firewall rules
  Firewalls make it possible to define macros for applications, in order to manually set up security rules for every application and Windows service. For example, limiting DNS requests to the list of DNS servers set in the network adapter. If a DNS request tries to reach an unlisted server, administrators are warned and can choose to allow or block this action.
- Stealth ports
  Firewalls make sure that servers stay invisible to unauthorized strangers, protecting them against port scans and attempts to establish unauthorized communication channels.
- Content management
  The integrated content management module lets administrators build a list of words and phrases whose display on websites will be forbidden. This feature can be very useful for companies wishing to block access to certain types of websites.
SSL Certification
- Public and private keys serving confidentiality
  An SSL certificate is made of a public key and a private key. The public key is used for data encryption and the private key is used for decryption. When a browser connects to a secured domain, an SSL connection authenticates the server and the client, then defines an encryption method and a unique session key. They can then start a secured session that guarantees the confidentiality and integrity of the message.
  Without SSL encryption, data packets travel unprotected on networks. Imagine yourself sending a letter inside a transparent envelope. Anyone who can access it can see the data. If the data is of any value, those persons will be able to take or alter it.
  Without third-party control, how do you know that a website is the genuine representative of the company you are giving your trust to? Each SSL certificate is created for a specific server in a specific domain for a verified professional entity. Like a passport or a driving license, an SSL certificate is delivered by a trusted authority. When an SSL transaction occurs, the browser asks the server to authenticate itself. If the data doesn't match or the certificate is outdated, the browser displays an error message.
- The most trusted authority on the Internet
  Verisign is the number one provider of SGC-compatible SSL certificates, delivering 128-bit encryption to more than 99.9% of website visitors.
  128-bit encryption offers 2^88 times more combinations than 40-bit encryption. That's over one trillion trillion (10^36) times more powerful.
  Verisign is the SSL certificate provider chosen by 93% of the Fortune Global 500 and by the 40 most important banks in the world; companies that know very well what security on the Internet means. They trust Verisign because of its encryption technology and its strict procedures for authenticating companies.
Backups
When talking about security, you have to include a backup policy that is tested and reliable. Backup is one of the fundamental components of absolute protection of activity; it is one of the essential elements of the ASP model. There are two different kinds of data: the environment and the data itself.
- The environment is composed of the OS, standard office applications and vertical applications. The environment is not modified often, so it doesn't need to be backed up every day, only when a modification occurs. This modification can be an update, or adding or removing an application. After each modification, a backup of the system is made and stored in a decentralized place. The objective of the system backup is to be able to restore a functional system environment in a short period of time; that's the first part of the backup process.
- The data is made up of the customer's documents and files: databases, commercial management files, accounting, Excel & Word documents, etc. Unlike the environment, this data is constantly evolving, so a backup must be made every day. Precisely, a complete backup is made every Sunday, followed by incremental backups from Monday to Saturday. This strategy makes it possible to restore a file from a date up to one week old, which can be very handy in case of an error made on a file (deleted, saved by mistake, etc.). Moreover, optional electronic archiving is available and can be monthly, quarterly or yearly.
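The weekly cycle described above, as an added example (not TRIO DATA SYSTEMS's own tooling): given a target date, it lists the backup sets a restore needs and fails if one is missing or the date falls outside the one-week window. It assumes each incremental holds only the changes since the previous night's backup; the function names and sample dates are constructed for illustration.

```python
from datetime import date, timedelta

RETENTION_DAYS = 7  # the page: restore "from a date up to one week old"


def backup_kind(day: date) -> str:
    """Page's schedule: complete backup on Sunday, incremental Monday to Saturday."""
    return "full" if day.weekday() == 6 else "incremental"  # Monday=0 ... Sunday=6


def restore_chain(target: date, today: date, available: set) -> list:
    """Return the ordered (date, kind) backup sets needed to restore data as of `target`.

    Assumption: an incremental only contains changes since the previous backup,
    so every set from the preceding Sunday up to `target` must be present.
    """
    age = (today - target).days
    if age < 0 or age > RETENTION_DAYS:
        raise ValueError(f"{target} is outside the {RETENTION_DAYS}-day restore window")
    # Walk back to the Sunday on or before the target date.
    day = target - timedelta(days=(target.weekday() + 1) % 7)
    chain = []
    while day <= target:
        if day not in available:
            raise ValueError(f"missing {backup_kind(day)} backup for {day}")
        chain.append((day, backup_kind(day)))
        day += timedelta(days=1)
    return chain


def can_restore(target: date, today: date, available: set) -> bool:
    """True when the full chain for `target` exists and is within the window."""
    try:
        restore_chain(target, today, available)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    today = date(2024, 3, 15)  # constructed sample: a Friday
    # Constructed catalogue: one backup set per night, 3 March to 15 March.
    catalogue = {date(2024, 3, 3) + timedelta(days=i) for i in range(13)}
    for target in (date(2024, 3, 13), date(2024, 3, 9)):
        sets = restore_chain(target, today, catalogue)
        print(target, "->", [f"{d} ({k})" for d, k in sets])
    # One lost incremental breaks every restore point after it in that week.
    damaged = catalogue - {date(2024, 3, 12)}
    print("13 March restorable:", can_restore(date(2024, 3, 13), today, damaged))
    print("11 March restorable:", can_restore(date(2024, 3, 11), today, damaged))
```

Restoring the oldest Saturday still inside the window needs the complete backup from the Sunday before it, so backup sets have to be kept for longer than the one-week restore window.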
Anti-Spam
Spam is the most common annoyance that email users have to put up with, and even after the recent Law on Confidence in the Digital Economy (LEN) forbidding this kind of activity in Europe, there are still dozens of spam emails coming daily to our mailboxes. To fight against this, TRIO DATA SYSTEMS's mail system includes the latest version of the SpamAssassin software. Every email is analyzed by this software, and around 800 tests are made on the content. After completion of those tests, an evaluation score is computed, and if this score is greater than a given limit, the email is marked as spam. Recent studies show a discrimination rate greater than 95%.
Anti-Virus
Every TRIO DATA SYSTEMS server has an antivirus installed from a world leader in this category. Updates are performed automatically by the software publisher as soon as a new virus is detected. Antivirus systems are nowadays a tried and tested technology and contamination risks are close to zero. Furthermore, the antivirus installed on the servers is a second security barrier, as TRIO DATA SYSTEMS's email system uses antivirus filtering as a first defense so that any infected email is immediately destroyed.
Disaster Recovery Plan (DRP)
- Warranty of computer equipment: equipment comes with a warranty contract from the manufacturer that ensures delivery of new hardware or repair of any broken hardware in less than 4 hours.
- Emergency infrastructure: a second hosting site (cold site) is set up, ready to receive the replacement equipment.
- System backup: a complete system backup of the environment is stored in a secured and decentralized place. It is systematically updated with every system update.
- Customer data backup: there are two different backups of customer data. Every night a first backup is made on the main site. The next day, a second backup is made and transferred to another site in a different place.

The disaster recovery plan ensures a functional system in less than 16 hours:
| Hour | Action |
|---|---|
| H | Building the risk assessment, activation of manufacturer's warranty |
| H + 4 | Reception of new hardware on recovery site |
| H + 6 | Setup of new hardware |
| H + 8 | Restoration of system |
| H + 12 | Restoration of customer data |
| H + 16 | Tests and validation of proper operation |
Service Level Agreement (SLA)
The Service Level Agreement is an assurance for customers about TRIO DATA SYSTEMS's quality of service. It defines the different levels of service, the resources implemented, the monitoring indexes and the level of compensation the customer is entitled to if a minimal level of service is not maintained.
1 – Level of services
- Availability rate: TRIO DATA SYSTEMS commits to its servers being connected and their availability rate being at least 99.9%, meaning no more than 43 minutes and 12 seconds of system failure per month.
- Servers response time: TRIO DATA SYSTEMS commits to provide an outgoing bandwidth matching Citrix recommendations for every connection, that is, 22 Kb per second.
- Average Speed to Answer (ASA): TRIO DATA SYSTEMS commits to take any phone call in less than 5 minutes.
- Problem resolution time: TRIO DATA SYSTEMS commits to a maximum resolution time of 16 hours, except in case of a software bug or abnormal use due to the user's lack of knowledge (optionally, it is possible to subscribe to a usage-assistance contract for one or several software packages).
- Restoration time of a backup: TRIO DATA SYSTEMS commits to a maximum backup restoration time of 60 minutes per 10 Mb.
2 – Resource implementation
- Availability rate: it is ensured by redundancy of servers (clustering), physical and logical security, as well as the DRP procedure.
- Servers response time: it is ensured by a 100 Mbit/s dual SDSL line, which is much more than the bandwidth needed for optimal operation.
- Average Speed to Answer (ASA): it is ensured by the presence of a technical support team from Monday to Friday, 9am to 6pm. Optionally, it is possible to get 24/7 support.
- Problem resolution time: the technical support team ensures the resolution of problems by means of an escalation process. If necessary, the technical manager can decide to switch over to the recovery site.
- Restoration time of a backup: users authorized by the customer can request the restoration of one or several files from a backup through an online form put at their disposal.
3 – Monitoring indexes
The different monitoring indexes are taken from various automatic reporting tools and also from statistics of the technical support database. They are available online for reference at the start of each month for the previous month's activity.
4 – Levels of compensation
TRIO DATA SYSTEMS commits to pay compensation in the event of non-compliance with the SLA. This compensation is computed as follows:
| Index | Compensation |
|---|---|
| Availability rate | 2.5% of monthly billed amount for every 60 minutes of unavailability (1). |
| Servers response time | 2.5% of monthly billed amount for every 60 minutes of non-compliant output bandwidth (1). |
| Average Speed to Answer (ASA) | 2.5% of monthly billed amount for every additional minute of a non-compliant average waiting time (1). |
| Problem resolution time | 50% of monthly billed amount in case of unresolved problem between 16 and 24 hours; 100% if still unresolved after 24 hours. |
| Restoration time of a backup | 2.5% of monthly billed amount for every 60 minutes of delay (1). |
In every case, amount of compensation paid by TRIO DATA SYSTEMS cannot be more than the monthly amount billed to the customer.
5 - Exclusions
The following are excluded from the SLA guarantees:
- Scheduled maintenance operations, as long as the customer is warned 48 hours in advance and they do not exceed 4 hours per month. Those maintenance operations are carried out between 8pm and 7am during the week or at the weekend, Paris time.
- Problems due to the use of a software product and caused by a software bug or misuse by the user.
- Any situation of non-compliance with the SLA caused by a service modification requested by the customer and scheduled by TRIO DATA SYSTEMS.
- Any situation of non-compliance with the SLA caused by the customer (misuse, customer's Internet connection interrupted).


