Physical and Environmental: Datacenter Environmental Security Controls
Type of Security Control: Administrative | Preventative
The purpose of this procedure is to explain the systems in place as datacenter environmental security controls.
Applies to: Internal | DC1 | DC3
Description: Edge Hosting maintains Uninterruptible Power Supply (UPS) units, which are monitored daily, and a monthly report is generated detailing the performance of the UPS units. UPS and battery maintenance is performed regularly as recommended by the manufacturer.
Applicable Compliance Statements:
• NIST SP800-53R4 PE-11
• NIST SP800-53R4 PE-12
• NIST SP800-53R4 PE-13
• NIST SP800-53R4 PE-14
• Access to the datacenter
Service Level Agreements:
• Maintain per manufacturer recommendations
1. The datacenter is equipped with a diesel generator. In the event that municipal power should fail, an Automatic Transfer Switch (ATS) changes the datacenter power source from the failed power to the generator.
2. While the generator is starting, power is temporarily supplied from the UPS units until the generator has started and is stable.
3. An account with a local fuel company is in place to maintain fuel levels in the event of prolonged municipal power failure.
4. After power is restored and stabilized, the ATS changes the datacenter power source back to municipal power.
5. The generator is tested on a weekly basis.
1. Redundant HVAC units are in place to maintain appropriate temperature and humidity levels for the equipment in the datacenter.
2. These cooling systems operate independently from the building heating and cooling systems.
3. A contract is in place to have maintenance performed on the HVAC units according to the manufacturer recommendations.
1. The datacenter is equipped with sensors to detect smoke, fire, and water.
2. A fire suppression system, including a dry-pipe sprinkler system as well as a waterless fire suppression system are in place.
3. Systems are maintained at regular interval, as per the manufacturer recommendations.
Owner: Chief Information Security Officer
Questions: Chief Information Security Officer
Effective Date: 10/18/2017
Last Reviewed Date: 10/18/2017
Next Review Date: 10/2018