How does a datacenter meet the right requirements?
If a business is on the verge of purchasing datacenter services, it is important that there are enough guarantees in the areas of reliability, security, and continuity. To determine whether a datacenter complies with these requirements, you can look at the ISO certifications acquired by the datacenter.
ISO is short for International Standards Organization. This is an organization that develops and publishes international standards. They work together with national standardization organizations. The ISO standard is currently recognized in 164 counties.
Anyone can technically start a datacenter, but the certifications separate the wheat from the chaff. A server with an internet connection is technically enough to offer services in exchange for payment, but in practice this is definitely not enough. Businesses that work with confidential business- and personal data set high standards for their suppliers. To ensure business process continuity, the business data needs to be continuously available, and the security of this data needs to be in order, so that hackers and other unauthorized persons do not have access to your valuable data.
Increasing quality level
A datacenter that has acquired ISO certifications can offer a certain level of quality. They have considered all aspects of their service. Processes and procedures have been mapped out. Periodically, evaluations take place and where necessary improvements to business operations are made. This offers clients assurance. An ISO certification provides transparency. With ISO certification available, the comparison of cloud and datacenter services from different providers has become much easier.
A business needs to really make an effort to acquire an ISO certification. An independent organization determines whether a business is working as per ISO standards. If that is the case, a certain ISO certification will be awarded. A business that has acquired an ISO certification cannot simply lean back and relax. The business is checked annually by an independent external party. To keep the certifications, a business will therefore have to keep operating according to their standards.
There are many types of ISO certifications. With regards to cloud services, the following ISO certifications are of interest: ISO 27001 (information security), ISO 9001 (quality management) and ISO 14001 (environmental management). Because The Datacenter Group also serves clients in the financial sector, we will also describe the NEN 7510 (healthcare) and PCI DSS (finance) certifications.
ISO 27001 Security
The ISO 27001 certification proves that the procedures and day-to-day tasks within our datacenters comply with the strict procedures specified in the standard. During annual inspections and audits, the Information Security Management System (ISMS) and underlying processes are checked against this and approved. The standard specifies requirements for defining, implementing, operating, controlling, assessing, maintaining and improving a documented ISMS in the context of the general business risks to the organization. On an international level this standard is increasingly seen as a benchmark for the level of information security.
ISO 9001 Quality
ISO 9001 concerns the standard of quality management and is applied to all processes through which we provide our services. Dekra, an independent organization, conducts an annual audit to document and verify the processes used by The Datacenter Group. This certification indicates that there is an effective quality management system in place in our datacenters, and that we observe the regulations regarding systematic control and fixed procedures. As a result we provide a constant high level of quality to our clients.
ISO 14001 EMS
ISO 14001 is a standard concerned with environmental management. With the aid of an Environmental Management System (EMS) per the ISO 14001 standard, the environmental risks of business operations can be managed and if possible reduced. Obtaining this certification and undergoing the annual inspection audits that result from it are a compliment to the emphasis that we place on the Corporate Social Responsibility of The Datacenter Group.
NEN 7510 Healthcare
NEN 7510 is the Dutch standard for information security within the department of healthcare. It also serves as proof for healthcare insurers and patients that The Datacenter Group handles electronic patient files with the utmost care and responsibility. With the NEN 7510-certification TDCG shows that it has equipped an equivalent management system for healthcare. For care clients of the two datacenters this means that the datacenters in Amsterdam and Delft guarantee — to the benefit of patients — the availability, integrity, and confidentiality of all digital information.
PCI DSS Finance
PCI DSS stands for Payment Card Industry Data Security Standard. This certification ensures maximum security for clients of the datacenter during financial transactions. Companies who store, process and/or send credit card details are obligated to acquire this certification. Visa Inc., MasterCard, JCB, American Express and Discover Financial Services are responsible for establishing this norm. PCI DSS is the most important security standard in the payment industry for securing data. The Datacenter Group is audited annually by an independent party to ensure compliance with this standard.