US Signal Data Centers: Secure by Design

May 17, 2022
Cloud, Colocation, Data Protection, IT Security, Network, Storage

US Signal Data Centers: Secure by Design


There are a lot of reasons to get out of the data center business and move your IT assets to a colocation facility. For example, you no longer have to pay for powering the environment in which your IT infrastructure resides. You can expand your infrastructure to fit the needs of your company’s growth without having to take on capital expenditures.

Nonetheless, many organizations have concerns when considering colocation ─ one of which is security. That’s not surprising given how critical IT assets for keeping businesses up and running. However, colocation facilities can offer excellent security, often better than a company could provide itself. The key is to do due diligence when checking out various off-site data centers.

US Signal’s data centers, for example, are secure by design. Here’s what that means.


Security Isn’t an Afterthought

US Signal’s SSAE 18 audited data centers house and connect the equipment and technologies that power your services. Every aspect of these facilities, from leading-edge equipment and technologies to the security features they employ, have been thoughtfully considered.

US Signal’s data centers are designed and operated for maximum security. US Signal employs a multi-faceted defense-in-depth strategy, so all its data centers use multiple physical and operational security and safety protocols and iron-clad security policies.


Security Features Make the Difference

Security features vary among facilities but generally include:

  • Vehicle intrusion prevention (selected facilities)
  • Internal and external camera coverage at all entry points with appropriate lighting
  • 24/7 monitored pan-tilt zoom and fixed-focus cameras with surveillance footage archived for one year off-site
  • Biometric iris scanners or user-assigned proximity access cards (varies by facility) with the data centrally analyzed, correlated, and archived by US Signal’s log rhythm SIEM platform
  • Interlocking access control vestibule to enter the building and a second access control vestibule to enter the data center floor (selected facilities)
  • Required visitor login and badge when inside a US Signal facility, along with escort by a US Signal employee or authorized colocation customer
  • Locks on all cages and cabinets
  • Intrusion alarms and motion detectors
  • Fire suppression and fire alarm systems
  • 24/7 monitoring and alarms for HVAC, water detection, humidity, temperature, power outage, and generator operations with immediate alert response


Security Technologies Boost Protection

US Signal employs leading-edge security technologies to ensure all aspects of its data center operations ─ and company operations overall ─ are protected. That includes:

  • Redundant firewall clusters that are diversely located for the corporate infrastructure with full threat management capabilities.
  • Host-based intrusion detection, passive network detection, firewall-based IPS, net flow monitoring, DNS security, and centrally monitored
  • Antivirus are used to help provide multiple layers of defense
  • Two-factor authentication
  • An endpoint protection platform that includes workstation encryption in addition to the ability to address advanced threats such as malware and ransomware
  • SIEM platform for centralized log collection to monitor deployed enterprise, cloud, and service provider technology to identify, correlate, and remediate any potential security incidents


Processes for Security Inside and Out

US Signal also employs a variety of data center operation and security best practices, to further bolster security. Security processes and services include:

  • A vulnerability and patch management program to ensure security vulnerabilities are identified, scored, and remediated
  • Multiple third-party threat intelligence services to help make risk-based decisions and prioritize patching and vulnerability management
  • All new systems and any systems with significant changes scanned before going into the production environment
  • An internal audit organization utilizing CISA certified staff with ISO-19011 as the reference architecture for the planning, conducting, and reporting of the internal audit program
  • A vendor due diligence program
  • Risk-based business continuity and disaster recovery (BC/DR) plan that includes multiple live tests each year, follow-up action item review, and reporting
  • Multi-faceted, frequent employee training in all US Signal policies, including for information security and data protection


Policies

There’s also a full range of policies in place to further ensure top-notch security, such as:

  • Access to US Signal systems based on the employee position to ensure only the access needed for the position is granted
  • Shared accounts prohibited, administrator-level account use is limited, and all administrator accounts are monitored for anomaly by US Signal’s SIEM
  • Employee termination procedures are in place to remove logical and physical access
  • US Signal-owned assets recovered at the time of employee separation from US Signal
  • All access changes tracked and documented within US Signal’s IT trouble ticket system, providing an audit trail for access activity


The Compliance-Security Connection

All US Signal data centers are designed to meet ANSI/TIA-942 data center requirements (varies by facility). US Signal is also audited for compliance with and/or holds certifications for numerous regulatory requirements and industry standards. Meeting the various requirements demonstrates US Signal’s commitment to ensuring the security of its infrastructure on behalf of its customers. Briefly, US Signal:

  • Is independently audited to meet SSAE 18, SOC 1, Type 2.
  • Has completed the SOC 2, Type 2 attestation, providing third-party assurance to customers that we have the appropriate internal controls and operational procedures in place to protect customer data.
  • Is audited for HIPAA compliance annually by an independent third-party auditor, and will sign a Business Associate Agreement (BAA).
  • Is independently audited to meet standard secure data hosting and processing practices for card holder data.
  • Is self-certified for FBI Criminal Justice Information System Security Policy (CJIS) compliance. This enables us to provide services to law enforcement agencies at the local, state, and federal level.
  • Is certified under Privacy Shield and GDPR — compliant for the transfer of European Union subject data to better support customers with international business needs.
  • Is compliant with the International Traffic in Arms Regulations (ITAR) and maintains self-certification with the obligations and requirements of the regulation.


Location Matters

Data center security is also affected to location. US Signal’s data centers are strategically located in business-friendly, mid-sized cities throughout the Midwest — considered one of the safest geographical areas. Situated in areas protected from weather-related events, the data centers are easily accessible from main transportation routes.

Most are at least 200 miles apart, and all are on separate power grids to minimize the effects of natural disasters. Nonetheless, tested storm and emergency preparedness plans and multi-faced recovery plans are in place to help minimize service disruptions and ensure continued operation in case a disaster (natural or human-initiated) occurs.


Secure Data Centers at Your Service

US Signal’s data centers also are supported by the company’s 25/7/365 Technical Operations Center. In addition to handling customer calls, the TOC has a team devoted to around-the-clock monitoring of US Signal's network, data centers, and infrastructure.

The team stays ahead of potential infrastructure issues by deploying and maintaining and maintains leading-edge monitoring assets for all core and edge service elements. Their work plays a large role in ensuring US Signal meets its service level agreements for uptime and availability – and delivers service that customers can rely on.

You can learn more about US Signal’s data centers here, as well as download this helpful overview of how US Signal provides customer support and security. If you’re interested in a data center tour or would like more information about US Signal’s data centers, cloud services or anything else, let us know.