The physical access to Combell’s data centre, inside the excellently protected infrastructure of InterXion, is very strictly regulated. At any given time (24/7), specifically trained security people on location will monitor the access to the building and its usage. Of course, there is also a video monitoring system, as in most other data centres. All the people and all the hardware that enter or leave the building have to be registered in advance.
Combell’s entire infrastructure is located in there in its own ‘private cage’, of which the access is once again strictly regulated. Only Combell’s systems engineers, who have successfully undergone a screening process when they have been hired, can access the company’s own private space. Combell customers have no access to the premises, except if accompanied and for very specific reasons.
Combell puts a high value on network security and therefore works exclusively with its own experienced security officers. In any case, a firewall is enabled. This firewall is strictly founded on established technology that has widely proven itself within the market. The precise architecture of the network protection is a choice that is made in consultation with the client.
For less critical applications, Combell customers can go for a shared firewall. This solution actually offers a sufficiently high security level where application rules are concerned. But on account of the larger number of underlying sites/servers, the odds are higher that the firewall will encounter problems in case of an attack or incident on another website.
A dedicated firewall offers much higher availability guarantees, in particular if those are also installed redundantly or clustered. In this scenario too, Combell offers full ‘managed services’: the settings and security rules are discussed in close consultation with the customer and managed 24/7 according to that agreement. The chosen firewall technology is confidential and is discussed directly with the client.
For highly sensitive data, Combell advises an approach involving several servers – for instance web servers (front-end), potentially also application servers, database servers – that are also separated from each other by a firewall. Only the servers that need direct contact with Internet are located in what is called the DMZ (demilitarized zone).
System management and backups can be performed optionally via a separate back-end firewall. The user traffic and system management are in this case strictly separated from each other. This back-end firewall also works as a VPN concentrator: by establishing a LAN-to-LAN connection (based on IPSec technology), or via a VPN ‘dialup point’, an encrypted tunnel can be set up between your office or home computer and your hosted environment.
A Virtual Private Network (VPN) is a data network within the Internet that has been isolated through encryption. There is no need for a personal, entirely isolated infrastructure because the isolated data traffic can only be decrypted by the receiver.
Malfunction and human error are still the main causes of data loss. Combell therefore advises you about appropriate data loss solutions (fault tolerance) and/or methods to limit its consequences (replication; back-up & restore).
Combell takes care of managing and verifying your data protection, for instance through regularly checking the integrity of replicated data. Our strict operational routines and vast technical experience offer the best possible protection of your data.
Lastly, Combell offers financial guarantees if, despite the appropriate precautions, data loss should occur after all.
With a dedicated 24/7 support team