A Katakri (National Security Auditing Criteria) audit was carried out at the Telia Helsinki Data Center in the autumn of 2019. Now, the data center can officially provide server room that meets even the strictest requirements. This way, the data center can take care of every aspect related to data security.
Most companies are motivated by the continuity of their business when they decide to move their devices to a data center. When a company’s servers are located in a secure location, it will never need to worry about any interruptions to its business – even in the case of a disruption.
Another key motivating factor is statutory requirements related to proper data security, for example in the storage and processing of sensitive personal data.
This means that the planning and implementation of a data center is a balancing act between the security it provides and the usability of its services.
ENSURING NETWORK SECURITY VIA THE BACKBONE NETWORK
At the Telia Helsinki Data Center, special attention has been paid to its data security practices, and this focus encompasses even its networks and data connections. The center’s numerous standards and certificates are an indication of the high level of security it provides.
“The physical security of the Telia Helsinki Data Center has been audited and certified using the Katakri tool, and it is also ISO27001-certified, which is fairly typical for most data centers,” says Eero Lindqvist, Data Center Specialist at Telia.
“On the other hand, the center’s ISO22301 certification, which is related to its business continuity practices, is what sets it apart in Finland. In addition, some of the data center’s facilities are PCI DSS-audited, which means that they can be used to house systems that process payment card data,” Lindqvist continues.
The Telia Helsinki Data Center’s ISO22301 certification, which is related to its business continuity practices, is what sets it apart in Finland.
Katakri is the latest auditing standard and includes requirements for physical security, technical data security, and the management of security practices. It is an audit tool used by the authorities to assess an organisation’s ability to protect the confidential information stored by authorities. The audit’s requirements are based on legislation and international information security obligations.
If a customer purchases both the space in data center and connections provided by Telia, they can be confident that their data security is in very capable hands. “Thanks to our leading backbone network, we can prevent any cyberattacks on that network, i.e. even before they reach our customers’ servers,” Lindqvist explains.
TOP-LEVEL PHYSICAL SECURITY
Physical security is one of the key areas of data security. “The structures used by the Telia Helsinki Data Center are world class. When it comes to the data center’s reliability, its design incorporates the so-called Tier III requirements. This means that, for example, the center features a duplicate for every generator, distribution platform and transformer it uses. In other words, the data centre will be able to operate even during any major incidents,” notes Lindqvist.
The Telia Helsinki Data Center features data connections that travel via several routes. In addition, many of these are available from different operators. “This way, our customers can be sure that their connections will continue work correctly even if there is a disruption in our own network,” Lindqvist describes.
A secure digital solution will not remain secure for long if anyone can access the device cabinets housed in a data center. That is why the Telia Helsinki Data Center has strict access restrictions, and the facility is under manned surveillance 24 hours a day.
Katakri ST III facilities are accessible only to designated and background-checked persons whose duties require that they have access to the facility.
“Different facilities are subject to different security classifications. For example, Katakri ST III facilities are accessible only to designated and background-checked persons whose duties require that they have access to the facility,” Lindqvist notes.
In addition, Telia Helsinki Data Center is protected against fire and water hazards. Learn more by watching the video above.
YOUR PARTNER IN SECURITY
Many companies that have a need for data center services usually outsource at least part of their management and the supervision of their network status to a skilled partner. This solution is an easy and cost-effective option, especially for smaller companies with more meagre IT resources.
“The Telia Helsinki Data Center offers many services, such as the 24/7 supervision, management and maintenance of a company’s IT environment. If a customer so wishes, our SOC team can also monitor their networks and responds to any detected data security incidents. If necessary, we can even monitor their cloud environments,” Lindqvist suggests.
“You will benefit the most from our services when you purchase all of your connections and data center services from us. In that case, we can offer, for example, the aforementioned data security incident monitoring service via our backbone network,” he continues.
Overall, you will be better equipped to manage and monitor your entire environment when you use only a few service providers, and it also helps clarify the data security responsibilities of each party,” Lindqvist concludes
KATAKRI = National Security Auditing Criteria (Kansallinen turvallisuusauditointikriteeristö in Finnish). This criteria is used to ensure that all service providers to the central government are able to operate at an adequately secure level in governmental projects that are subject to a security classification.