1. How Many Data Centers Do You Have and Where Are They Located?These may seem like basic questions, but the answers can hold critical information. They will help you determine if this provider is one to whom you should entrust your most critical business assets. The colocation data center provider should have:
- A facility close to your office. Selecting a colocation solution to meet your company’s technology requirements means that you will have to travel to the data center to conduct maintenance, install servers, and upgrade hardware and software. Having the data center near your office will save time and travel expenses.
- A national footprint. A data center provider who has three separate facilities may sound ideal but if they are all located within 3 miles of each other in the same city, it may not be the best choice. Select a provider that has strategically located facilities in different areas of the country.
- Connected facilities to ensure redundancy. Once you know where the data centers are physically located, you need to ask if they are connected. Having connected data centers in different parts of the country helps ensure that if a natural or man-made disaster should occur, your data can be replicated in another data center and your employees will be able to keep working as if nothing has happened.
2. Is Your Data Center Certified and Does It Meet Compliance Requirements?Asking the colocation data center provider about their security certifications and if they meet compliance requirements is only the first part of this two-part question. Any provider can say their data center meets these requirements, but can they prove it? Has the data center been formally certified by independent auditors? Has the certification included an on-site visit to each data center location which claims to be certified? Certifications should include the handling of client information in the data center itself as well as compliance requirements for regulated industries including healthcare, financial services, legal, etc. Examples are:
- SOC 2: Information security standards which regulate the security, availability and processing of client information in a data center environment.
- SSAE-18 Type II: Information security standards which put in place strict controls over data center hosting of client financial data. This replaced SSAE-16 Type II audits in 2017.
- PCI DSS: Information security standards that safeguard credit and debit card transactions and personal financial data.
- ISAE 3402: International assurance standards to protect shareholders and the public at large from accounting errors and fraudulent practices.
- HIPAA: National security standards to ensure the confidentiality, integrity and security of electronic medical records and the creation, receipt, use or maintenance of all patient data.
3. How flexible is your infrastructure? Can we quickly and easily scale up to more racks, larger cages, or even a full suite as we grow?For a colocation implementation to be successful, it is critical that you fully understand your current and future needs and then learn how the data center provider can help you meet those needs. Based on how much equipment you have do you need two racks or four cabinets? How many servers of a specific size will each cabinet hold? Do your current security requirements call for a locked cage? If you envision significant expansion, would you consider upgrading to a private suite? How much additional available floorspace does the facility have to enable you to quickly and easily grow? These types of questions are critical to ask of yourself and the provider up front, so you don’t start down the road to deployment and realize half way thought that you need additional space or must increase physical security measures to protect your data. In addition to the physical components of the infrastructure, outline your power requirements as well. Often, a server’s power requirement will exceed what a data center provisions for a new client and the discrepancy could increase as you expand into a cage. Create a list of immediate needs and potential future needs and work closely with the colocation provider to develop a solution that is unique to you.
4. What Kind of Physical and Network Security Measures Do You Have in Place?It is important to separate the security for the physical structure of the data center from the network infrastructure. They are very different and equally important.
- Physical Security: This relates to everything having to do with the physical structure of the data center and the ability to access both the building and your cabinets or locked cage. Be sure to review:
- The property around the outside of the building: Before you ever look at the actual data center building, look at the surrounding area. Does it contain a tall embankment to prevent flooding or boulders or fencing around the perimeter to prevent unwanted intruders?
- The building structure: Are there cameras on the outside of the building monitoring who comes and goes around the clock? They should not only enable the security staff to monitor the perimeter in real-time but also record and store all activities for viewing at a later date.
- Building access regulations: How is the building’s main entrance and lobby area secured. Are you required to call ahead before you arrive, or can you just show up unannounced? Can you access the data center outside of normal business hours? What form of identification are you required to provide in the lobby and how will you access your cabinet, company’s cage or suite – finger print and palm readers or a badge?
- Cage, cabinet or suite access: The members of your company’s technical team who visit the data center on a regular basis will most likely be prescreened by the data center provider and, once approved, will be allowed to move around the facility unescorted. You will be required to provide the data center with advanced notice of any additional employees to whom you want to give access or any IT vendors you have asked to assist you. For these one-off or infrequent visits, it is often up to you whether you want people working on your behalf to have unescorted access or not.
- Network Security: It is important that the colocation provider has a number of security measures in place to protect the building. However, if someone can gain remote access to your network then all the physical security in the world is useless.
5. What Level of Technical Support Do You Provide, Is It Onsite, and Is It Provided 24×7?Even though this is a colocation environment where you will be maintaining your own equipment (unless you select remote hands support), it is important to ask about the level of technical support that will be provided.
- What level of technical support do you provide? Some data centers place less technically knowledgeable customer care representatives on the front lines of support. The representative will take your call, assist you if they are able but will more likely hand off your request for support to another, more experienced person. The data center you should seek out is one where support is provided by system administrators who you can call directly to get your issue resolved. These are two very different means of support and will directly impact how quickly your problem will be resolved.
- Is you support onsite? Listen carefully to the answer to this question. Some data centers have their technical support staff physically located within the data center. Others are actually located offsite but can travel to the facility if there is a problem. This will impact how quickly a problem can be resolved if a person must first travel to the building.
- Is support provided 24/7? Today, with always-on availability and on-demand access to data, 24/7 support is no longer a luxury but a necessity. Walk away from a potential colocation provider who does not offer support around the clock.
6. Do You Provide a Carrier Neutral Network?An independent, carrier neutral or network neutral data center enables you to connect with multiple carriers who provide network connectivity within the facility. This is different than a data center which is owned and operated by a single carrier or ISP who will require you to use their network. A carrier neutral data center provides some significant benefits:
- Decreased cost: Increased competition among carriers will always drive down prices for you.
- Network redundancy: Reduced costs and additional carrier options will enable you to incorporate network redundancy into your plans.
- Flexibility as needs change: Carriers provide a variety of services. As your company grows and needs change, you will be able to quickly and easily change carriers within your data center. This will eliminate the need to move all of your equipment to a different facility.
7. What Happens If the Power Goes Out in Data Center?There is no such thing as a simple power outage, especially if you are running mission critical applications. The data center provider’s backup plan should ensure that you never know the outage has taken place and there is no impact to your business or your data. In most cases, data centers have dual power feeds entering the building. One is the primary power feed, while the other is the backup power feed. The second feed provides power when the primary power feed is down and converts to a backup generator if needed. Ask how long the backup generator will run and if the data center has a standing contract with a local company to deliver the required diesel fuel on a regular basis until it is no longer needed. This will ensure that the data center is always up and running, even in the event of a disaster. Don’t forget to also ask how the generator is maintained and how often it is tested – once a week, once per month?
8. What Is Your Uptime Guarantee/SLA and How Long Has It Been Maintained?An SLA (Service Level Agreement) describes what level of service the data center is committed to providing its clients. It will explain the uptime and availability of your data center environment. Data centers often promote the fact that they deliver a 99.99% uptime guarantee. Although that may sound ok, it is not satisfactory for any business where continuous data availability is critical to their success. If that is the case, you need to look for a data center with 100% uptime. Saying a data center delivers 100% uptime is great but ask how long that level of service has been consistently maintained – six months, two years? Data center providers who have maintained a consistent 100% uptime over 10+ years have certainly proven their commitment to delivering quality service with a singular a focus on the needs of their clients.
9. What is Your Data Center’s Power Density?Power requirements have steadily increased over time and they will continue to increase. When asking about a data center’s power density, be sure to consider your future technology needs. Some colocation data centers say they can support high-density environments but actually distribute the load over a larger footprint, causing you to pay more. A data center with up to 20 kW per cabinet has already planned for future growth and new technologies. A high-density data center brings distinct advantages to you.
- The more power a provider can deliver to each square foot of floor space, the less physical space is needed. This lowers the cost to purchase or rent the building and the savings can be passed on to you.
- Running a high-performance application across a group of low-density servers on multiple racks requires additional cooling as opposed to an application that can run on one, high powered server