BxB Secure is a small and efficiently run company that is dedicated to providing straightforward, easy-to-use, cost-effective secure digital communications, with a focus on HIPAA Compliant Email, Forms, and Hosting.
While we do not have “our own” data centers like some bigger companies, we utilize the services of some of the most respected and reliable providers around — LuxSci and Rackspace. These two companies have been partnered for over 13 years, and by partnering with them we can bring our clients a premium service that is second to none. LuxSci and Rackspace are like an extension of our IT department, helping us to provide the most reliable and redundant HIPAA compliant services available.
Rackspace has three data centers in the USA, two in the United Kingdom, one in Hong Kong, and one in Sydney; BxB Secure can set up servers for clients in any of these locations.
The following sections discuss the very impressive features of the Rackspace data centers that are a part of BxB Secure and LuxSci’s infrastructure.
Business Associate Agreements
Of course, BxB Secure maintains agreements with its direct partners. This closes the loop and is why we can offer all of our clients a BAA, bringing all accounts into complete HIPAA compliance.
Data Center Physical Security
The data centers only house dedicated servers and cloud services; there is no support for “co-location”. This means that only authorized Rackspace technicians can ever enter the data centers and gain physical access to the servers. Rackspace clients, even BxB Secure and LuxSci staff, cannot get anywhere near the servers themselves, physically (without special dispensation and escort). This is a good thing.
- Always Watching: The data center access is monitored by round-the-clock interior and exterior surveillance.
- Biometrics: Access is granted through key card and biometric scanning protocols.
- Authorization: Only authorized personnel are granted access credentials to the data centers. Any other visitor must have prior clearance and an appropriate escort.
- Security Checks: All data center employees undergo multiple background security checks.
- 24/7: Data centers are manned 24/7 to provide additional protection.
- Low profile: Data center facilities are unmarked so as to maintain a low profile.
- Audited: Physical security measures are audited by independent firms.
ISO27002 (formerly ISO17799); ISO 27001; SSAE16; SOC 1; SOC 2; SOC 3; Safe Harbor; CPS.
- Rackspace is also SysInst certified.
- All employees are trained on documented privacy and information security policies.
- Only authorized personnel have access to confidential information.
- Access to systems is logged and tracked for auditing purposes.
- Policies are in place for the destruction of all sensitive documents.
- Independently audited disaster recovery and business continuity plans are in place at Rackspace headquarters and support services.
Data Center Precision Environment
- HVAC: The HVAC (Heating Ventilation Air Conditioning) system is N+1 redundant; this enables duplicate systems to take over should there be an HVAC system failure.
- Clear Air: All the air in the data center is circulated and filtered to remove dust and contaminants every 90 seconds.
- Fire Suppression: Advanced fire suppression systems are in place to stop fires from spreading in the unlikely event one should occur.
- Nice and neat: Cables are securely tied down with cable racks suspended from ceilings, providing dual routes for all cables.
Data Center Conditioned Power
- UPS: Every server is attached to conditioned UPS (Uninterruptible Power Supply) power so that, should a total utility power outage ever occur, all of the data center equipment will continue to run.
- Redundant UPS: The UPS power subsystem is N+1 redundant; this provides instantaneous failover if the primary UPS fails.
- Generators: In the event of an extended utility power outage, routinely tested, on-site diesel generators can run indefinitely. (We have seen this happen and it works.)
The Network Infrastructure – 100% uptime!
In addition to excellent physical security and data center planning, the network environment is so good that Rackspace guarantees 100% network uptime. How do they do this and what does it mean?
- The network is used exclusively for customers. Bandwidth is never shared with other organizations, such as telecommunications companies, which could deplete available resources.
- The only bandwidth used is high performance bandwidth; this is not usually the case with bargain providers.
- Nine separate network providers, including Abovenet, AT&T, MCI, Qwest, Sprint, and SBC, are used to ensure multiple redundancies in the flow of information to and from the data centers.
- Every fiber carrier must enter the data center at a separate point; this protects against complete service failure in the unlikely event of a network cut.
- Rackspace uses a Proactive Network Management methodology which constantly monitors the route efficiency and end-user performance. It automatically adjusts the network topology and configuration in real-time to provide the most reliable and fastest network possible.
- The network is intentionally underutilized so that it can be resilient to large spikes in traffic and routing issues. Typically, the network operates at a 40% threshold, leaving 60% headroom for traffic bursts. Most companies operate at an 80% threshold, leaving much less room for bursts.
- The network does not have any single point of failure.
- Routing equipment is located in a separate secured core routing room which is fed by its own redundant power supply.
- All networking and security teams working in the data centers are required to be certified. They are also required to be thoroughly experienced in managing and monitoring enterprise level networks.
Indeed … it is not hype. This network is always fast and always reliable. You really do pay for the bandwidth that you get.