Dedicated to Security & Completely Compliant.
We're not just saying it. Every client has access to our independent SAS 70, SSAE 16 (SOC 1), SOC 2, HIPAA, & PCI audit reports. We invite you to compare our thorough list of audited controls with any other data center operator!
We take security far more seriously than many data center operators. Beyond just a firewall or data center biometrics, we operate within a comprehensive security and process controlled framework that embraces every aspect of secure data center operation. True security influences the entire organization, from physical security and logical network security to fully documented change management, business continuity, and ongoing security training for every employee of Online Tech. We get it. Your data must be secure. It must be private. And always available.
But, don't take our word for it. Online Tech invests in extensive and ongoing independent third party auditing to assure our clients that every data center and hosting product meets compliance standards. We don't consider this a painful undertaking. We embrace the feedback from experts who bring an objective eye to every facet of our operation. It makes us better. It keeps you safer.
Remember, many audits allow "self-assessment". Let's face it: it's hard to objectively evaluate your own business. Wouldn't you rather work with a company that actively welcomes and invests in qualified, independent auditing? Prove due diligence to your own clients, patients, and auditors by asking for, and reading, the independent audit reports of your hosting provider.
Independent Annual Auditing.
- PCI Compliant Hosting - For ecommerce companies that need to protect customer credit cardholder data (CHD).
- HIPAA Compliant Hosting - For healthcare organizations and software companies that need to protect patient health information (PHI). Online Tech is BAA ready!
- SAS 70/SSAE 16/SOC 1 SOX Compliant Hosting - For companies that need to meet financial regulations. No two SSAE 16 reports are the same - make sure you compare the fine print.
- SOC 2 Compliant Hosting - Get assurance from the first standardized audit with common criteria for data center security, availability, processing integrity, confidentiality, and privacy.
Physical & Logical Security.
- Security administration for client control access to data center, colocation suites, cages and individual racks.
- Access to managed dedicated servers, cloud hosting, network and power infrastructure is restricted to authorized Online Tech personnel.
- Stringent employee background checks, training and termination procedures to protect your servers and data.
- Environmental control with 24x7 monitoring and alarming.
Monitoring & Logging.
- Automated issue tracking system to record, manage and track any security incident.
- Event notification and alarming to data center staff that is logged. Management is automatically alerted of critical security events.
- Systems are monitored and any significant changes are relayed to clients via maintenance announcements.
- A customer issue and tracking system that tracks and escalates client issues until closed.
High Availability Infrastructure.
- Always on power infrastructure with redundant (N+1) generators, UPSs, PDUs and power drops to racks.
- Always connected, redundant Internet access at each data center through multiple Internet providers with separate fiber paths into each data center.
- Cisco network infrastructure with redundant routers, switches and paired universal threat management devices which provide firewalls, IDS and IPS protection to help assure continuous service.
- Fully audited offsite backup process with a secure, restricted client data restoration process.