Sep 11, 2012

Internap’s commitment to PCI data security standard

INAP

Internap’s commitment to PCI data security standard  For the second year in a row Internap volunteered to have its data centers audited for the PCI DSS compliance by a PCI Qualified Security Assessor (QSA). The result of this audit is a PCI ROC, a Report on Compliance that covers Internap’s managed hosting and the dedicated private cloud environment.

Why does Internap care about PCI DSS? Because we care about the security of our customers’ sensitive business data…

Some of Internap’s clients are required by major payment card companies to be PCI DSS compliant. Therefore Internap developed a secure data center managed hosting environment and a suite of security service offerings that address many of the PCI related service needs of our clients.

How does Internap help its clients with their PCI DSS needs?

The PCI DSS standard includes 12 requirements for businesses that store, process or transmit payment cardholder data (CHD). These requirements, which are listed below at an overview level specify the framework for a secure CHD environment.

It’s important to note that no one managed solution vendor addresses all twelve requirements and their sub-requirements to the fullest and that responsibility for passing the PCI DSS audit ultimately falls to the hosting customer that processes, stores and/or transmits the CHD. However, the following are examples of functions that are defined as the responsibility of Internap in the management of networks and operating systems that address some of our customers’ PCI DSS needs:

  1. A SOC 2 compliant physical data center with security controls to protect the physical assets (firewalls, routers, switches, and servers) of the hosting customer’s environment.
  2. Management of administrative user accounts that include service-accounts, root, administrator and other system-level administrative (privileged-user) accounts.
  3. Installation, configuration, administration and maintenance of firewalls and network router equipment, and the deployment of baseline firewall and router rules (configurations) for which the customer would request its business-specific rules for Internap to implement.
  4. Network bandwidth to/from the Internet, or customer provisioned private line networks into the provisioned customer environment.
  5. Anti-virus administration at the operating system level, to ensure that the services operating within the customer’s managed server environment are free from viruses.
  6. Baseline backup and recovery of operating system environments, customer data repositories, as well as system and security device configurations.
  7. Operating System (OS) patch management services.
  8. Intrusion detection, prevention and log management services.
  9. 24/7 service support (SOC).

Internap represents the best available data center environment to provide better protection of our clients’ applications that deal with CHD. Internap also presents an opportunity for its customers to leverage managed security services tailored to the PCI DSS compliance for better protection of their sensitive business data – and to address compliance with other standards and regulations. Please contact your solutions engineer (SE) with any questions regarding Internap’s PCI DSS managed hosting environment.

 

Explore HorizonIQ
Bare Metal

LEARN MORE

Stay Connected

About Author

INAP

Read More
Sep 7, 2012

Six questions to ask when reassessing your IT goals

INAP

Every summer Formula 1 takes a break from the ‘circus’ with a two-week enforced factory shutdown. The teams are not allowed to work in the factory or on the cars. It gives everyone the chance to sit back and relax from the first half of the year. What it also does is give the teams, engineers, principals, managers and drivers time to think about how they are going to approach the rest of the year.

How are they going to get the next 1/10 of a second out of that wing? How are they going to manage the pit stop strategies as they go to places notorious for dynamic weather patterns, for instance the last race at Spa. These are the types of questions that they are thinking about, planning for and waiting to act upon.

This time can also be an opportunity for you as an IT professional to look back and reassess how the first half of your year has gone. During these last few days of summer you can take a break too, just like Formula 1 teams, and spend it planning — either how to improve the resources you have now or to move on to a better resource, which helps to sharpen and make more effective your team’s resources.

Here are some questions you may want to consider when reassessing your IT goals for the rest of the year:

  • Do you have any budget left you could use before the close of the year?
  • If so, what projects are at the top of your list?
  • Have you met all of your planned data needs? Where are you at with capacity to support more data/media on your current servers/hardware?
  • Have your customers been complaining about slow performance or dropped sessions with your applications/website? How can you improve? Is it time to add web acceleration technologies?
  • Do you have upcoming seasonal needs? Is it time to try out the cloud to avoid capital expenditures?
  • What can you do to make the rest of your year more productive?

These are just a few ideas to get you thinking as summer comes to a close. What other things are you considering as we enter the last few months of 2012?

 

Explore HorizonIQ
Bare Metal

LEARN MORE

Stay Connected

About Author

INAP

Read More
Sep 6, 2012

Video blog: IT Infrastructure for online gaming

INAP

From the age-old arcade favorites like Pac-Man, Donkey Kong and Pong to the lovable Nintendo Mario Brothers or the highly addictive World of Warcraft, the culture, technology and business of video games has slowly filtered down into your living room, your PC and even to your mobile phone. If you haven’t touched a joystick in a while, you might be in for a surprise.

The technology, graphics and budget behind blockbuster game titles mimic those of their Hollywood counterparts — and that’s not all that has changed. The face of gamers has changed too, and it’s not just because their acne cleared up when they hit 35. Games like Farmville and Words with Friends have attracted more girl gamers than ever before. Gaming demographics have also expanded to include children and their parents playing games together — and it’s not happening at the family fun centers of the old arcade days. Today’s gaming is done online.

To keep up with this growing demand, online gaming companies must contend with latency, availability and high infrastructure costs. Taking your IT Infrastructure to the next level to deliver a consistent experience for finicky gamers requires coordination on all fronts — and not just hand-to-eye.  Our own Adam Weissmuller, director of product management for our managed hosting and cloud division, sat down to answer some of the tough questions. Check out what Adam had to say in our vblog about the challenges, optimal infrastructure designs and what to look for in an IT Infrastructure services provider.

Looking for an IT Infrastructure to support your worlds or realms? Check out the instant replay of our recent online gaming webinar, then be sure to read the “Online Gaming Industry Handbook.” for an in-depth look at this market today.

Explore HorizonIQ
Bare Metal

LEARN MORE

Stay Connected

About Author

INAP

Read More
Sep 5, 2012

Don’t wait — another hurricane is already forming

INAP

iStock_storm_dark_clouds_rain_300x150Last week, as folks were bracing for Isaac and what wrath he would bring to Louisiana, Mississippi and beyond, my mashup referenced making other preparations – those beyond the personal – that are necessary to avoid data loss. But for many it may have been too late. According to a comment on a related article: “Most everybody who has a good disaster recovery plan, has gone through one or more disasters before doing so.”

So, if you were one of the lucky ones, we are happy you made it through. But you may not the next time. Sure, Isaac may have lost his strength, but his leftovers are still flooding parts of our nation and a full week later folks are still suffering the personal and business impacts. Now is the time to ensure your business is storm-ready.

Hurricane season remains in full swing until late November — in fact today CNN reports that Leslie has strengthened to a hurricane. So, don’t wait to make your preparations. To help you get started check out our Disaster Preparedness eBook.

Explore HorizonIQ
Bare Metal

LEARN MORE

Stay Connected

About Author

INAP

Read More
Sep 4, 2012

What does modular mean to you? Evaluating modular data center options

INAP

The need for scalability in the data center has driven demand for some interesting engineering ideas over the years. For example, I remember when I got my first tour of an actual self-contained, portable data center. Sun’s Project Blackbox had just been released — a data center built into a standard 20-foot shipping container. The idea was novel at the time with benefits such as quick provisioning of extra footprint and less upfront expenses compared to building out more space.

But that was just it — it was novel, and the industry wasn’t entirely sure how this data center in a box play would work. Fast forward to today and about 35 percent of IT professionals are currently either using modular products or evaluating them with an eye towards adopting the technology in the next 12 to 24 months, according to an August 2011 survey of Data Center Knowledge readers. It does gives new meaning to the idea of a modular data center, huh? In fact, the word modular has become a buzzword with multiple meanings. So many meanings, actually, that deciphering what options are available in the modular data center market can be tricky.

Tier1 Research senior analyst Jason Schafer says that the modular market is experiencing segmentation and some challenges with definitions. “The term modular has suffered from its popularity, similar to the way that cloud has,” said Schafer. “Modular means a lot of different things to a lot of different folks.” Here are a few definitions from Jason on the different buckets the term modular can belong to:

Containerized Data Center

As mentioned above, the container data center or data center in a box is an example of modularity. Essentially this is a self-contained computing facility that is manufactured in a factory and shipped to a location with power and cooling resources built-in.  It does deliver on its quick-to-market promise and can exist without being physically tied to any one location, but it isn’t always the best choice for long term needs or for deployments that require high levels of availability.

Modular Components

This type of modularity includes purpose-engineered modules. In this scenario, individual pieces of a data center are produced and made available “off-the-shelf,” as opposed to custom building infrastructure components on-site for the project.  In theory you could build an entire data center using module components — possibly saving time and money on made-to-order designs but potentially losing out on the customizable nature building your own data center offers.

Modular Providers

Instead of just pieces of a data center being made available for purchase, with this data center as a service approach, the entire data center is available as a standardized product. With this idea, the guesswork of building your own facility is gone and data centers can be manufactured and delivered within a matter of weeks. The cost-effective nature of this solution is attractive, although you still sacrifice the flexibility of a tailor-made facility.

Phased Modular Facility

Modular can also mean a multi-stage deployment of a traditional data center. Incremental deployment of space leverages demand to support space build-outs only when needed. It does require actually making use of a physical data center facility, but the approach creates a repeatable process that delivers greater efficiencies and cuts time-to-market. You’ll see this approach with many of your colocation solutions providers today — a great option if you don’t plan on building your own data center or deploying any high-tech shipping containers to contend with scalability demands.

Hopefully this breakdown gives you a better idea of what is meant the next time you hear the word “modular,” although I am sure there are more iterations. What does modular mean to you?

 

Explore HorizonIQ
Bare Metal

LEARN MORE

Stay Connected

About Author

INAP

Read More