SUMMARY: When looking to geographically disperse any workload, especially a cloud workload, there are some specific things to consider when selecting a data center.
REDUNDANCY- Redundant data centers are essential, and the preference is to have the redundant data centers provided by the same hosting partner. Redundancy becomes very important in cloud infrastructure, and it is certainly a core requirement of US Federal ATOs.
SECURITY- The data center should provide multilevel security features and a rigidly controlled production environment to protect valuable customer assets and operations. The data center should utilize an array of security equipment, techniques, and procedures to control, monitor, and record access to the facility, including organization and customer cage areas. The data center and configuration of the infrastructure should be provisioned with segmented VLANs, compute, storage, memory resources, and connectivity options including site-to-site VPN and direct Internet access for publicly accessible services or applications.
CUSTOMIZATION- The data center should be customizable to support unique requirements. The site should offer reliability, redundancy, security, customization, power, and cooling to meet all organization and customer requirements.
AUDIT WORTHY- Audits are part of life, and whether you are hosting workloads for the US federal government or your organization, compliance with specific standards provides a level of comfort that makes life a lot easier. A few of the annual audit standards include SSAE 16/18, ISAE 3402, and SOC standards (formerly known as SAS 70), along with maintaining ISO/IEC 27001 certification. Audits focus on internal "controls" used to maintain a specific level of accountability. The word "controls" outside of the cyber lexicon refers to a process that is followed and accountable, and when peeled back it shares attributes with cyber controls, as both have a description (objective) and a process (implementation).
Although not directly related to establishing the data center, it is critical to understand some of the outcomes of establishing a data center. The data center should provide a multi-tenant capable infrastructure, which becomes vital for a cloud-based service. The data center should allow for a "no shared infrastructure" environment, which essentially means that all services are provided from within the organization's or customer's environment within the data center. For example, suppose that when traveling, you choose to stay in a bed-and-breakfast. The bed-and-breakfast offers a private room, although it has a shared bathroom and dining accommodations with other guests. The bathroom in this example is the shared "infrastructure" for the bed-and-breakfast customers, which is like a shared network infrastructure at a data center. When selecting a data center, decide if you are looking at a bed-and-breakfast or a personal home, remembering that your house typically will not share a bathroom or dining accommodations with your neighbors. For many environments, shared infrastructure like network and storage costs less, although it results in an increased security risk.
Over the next several weeks, I will post a series that will explore establishing the data center, understanding cost, infrastructure details, and lots of good stuff in between.