Data Center Certifications
Arsalon Technologies works with the industry’s best technology and infrastructure providers to give you piece of mind when it comes to data center security and uptime standards.
Tier III Data Center Standards
Arsalon Technologies hosting facilities comply with Uptime Institute data center standards. Tier III standards offer N+1 redundancy, which is a form of resilience that ensures system availability in the event of a component failure. Tier III data center specifications also require IT equipment to have dual power inputs between the UPS and IT equipment.
Arsalon Technologies Tier III-compliant hosting facilities are purpose-built to support:
Small to large businesses
>N+1 fault tolerance
72 hour power outage protection
SSAE-16 Type II (Formerly SAS 70) Certified Data Center
Arsalon Technologies data centers are annually audited for SSAE-16 (Statement on Standards for Attestation Engagements No. 16) credentials that cover nine specific areas – including network monitoring, customer service, data backup, change management, deployment and physical security.
PCI Certified Data Center
Payment Card Industry Data Security Standard (PCI DDS) is an established security and reporting protocol for organizations that handle cardholder information for major debit, credit, prepaid, e-purse, ATM and POS cards.
Arsalon Technologies hosting facilities are annually PCI certified by an approved assessor, and our staff has extensive experience working with clients to meet the most demanding security standards.
Arsalon’s hosting facilities comply with PCI DDS v.2.0 standard (Link to PDF) released in October 2010. Businesses of any size must adhere to these protocols to accept payment cards, store, process and transmit cardholder data:
Assessment – Identifying all technology and process vulnerabilities that pose risks to the security of cardholder data that is transmitted, processed or stored by a business
Remediation – Fixing vulnerabilities, including technical flaws in software code or unsafe practices in how an organization processes or stores cardholder data
Reporting – Routine reports are required for PCI compliance; these are submitted to the acquiring bank and global payment brands that you do business with
HIPAA Compliant Data Center
Arsalon’s hosting facilities comply with the HIPAA (Health Insurance Portability and Accountability Act) rules and regulations established by the Code of Federal Regulations (CFR). The sections that pertain to data centers are HIPAA Security Rule 45 CFR 160, 160 and 164. HIPAA requirements are:
Information Integrity –Accuracy of medical records by physicians
Confidentiality – Medical records access and usage
Availability – Medical records must be accessible with reasonably avoidable downtime
Arsalon data centers’ role is to secure the health care client’s data:
Protect the integrity, confidentiality and availability of EMR/PHI
Have a Business Associate Agreement with clients that use our facilities to store EMR/PHI
Report possible violations of PHI to the Office of Civil Rights
NIST Compliant Data Center
Arsalon Technologies’ state-of-the-art hosting facilities follow NIST (National Institute of Standards and Technology) measurements and standards for data center infrastructure and deployment of information technology and applications.
Safe Harbor Certified Data Center
Arsalon Technologies hosting facilities hold safe harbor certification. Safe harbor certification protects US companies from enforcement action under the EU Data Protection Directive.
Under the safe harbor agreement, which was established by the U.S. Department of Commerce, Arsalon must adhere to a set of principles in order to comply with the delivery and processing of information here in the US. These principles specifically govern the personal rights of individuals and the sensitivity of the data, the transfer of information in regards to privacy and protection from loss, misuse, or unauthorized access of information.