Our customers trust our ability to provide resilient and secure data center solutions. In addition to day-to-day reliability and uptime, our data centers are expected to withstand short-term extreme weather events as well as the long-term impacts of climate change. Against this backdrop, Digital Realty has compiled a strong track record of reliability and resilience. We delivered “five nines” of uptime for the 13th consecutive year, exceeding 99.999% availability throughout 2019 for our owned and operated data center portfolio.
Data Privacy & Cybersecurity
Cybersecurity is an important element of customer data security. We have a dedicated Cyber Emergency Response Team based in Dallas, Texas. The team supports and responds to advance threats, intelligence correlation and enrichment, active threat hunting, and adversary take downs. Built-in security, zero trust and automation are guiding design principles to ensure we achieve Trusted by Design, our strategy which focuses on protecting our company assets and our customers’ privacy. Our technology approach is defense-in-depth, enabling layers of defense to better prevent, protect, detect and respond to cybersecurity incidents. We use a NIST Cybersecurity Framework to manage cybersecurity-related risk, and we perform third-party audits to benchmark our maturity.
We recognize that our employees, vendors and customers are key to a resilient cybersecurity strategy. All employees undergo annual cybersecurity training covering policies and security awareness. In addition, we simulate continuous phishing campaigns, raise awareness of social engineering tactics and develop Security Ambassadors. We collaborate with our vendors and partners to help them improve the security of their products and services, as well as understand how to deploy their products and services securely in our environments. We educate customers on how we keep them and their data safe and encourage security best practice feedback and advice from them. In 2019, we had no substantiated complaints concerning breaches of customer privacy or losses of customer data. For more information, see Privacy Practices.
Our facilities are secured via a resilient, defense in depth security platform consisting of multiple physical barriers, local security infrastructure and integrated technology enabling consistent process controls and reporting. This is supported and enabled by onsite security professionals1 led by our Portfolio Security Team and continuously monitored through a robust compliance and assurance program. Our Standard Security Protocol defines our security layers and includes:
- Site perimeter boundaries
- Lobby area guidelines
- Common area controls
- Segregated loading docks
- Restrictions to interior space
- Critical systems space access
- Data center space access
- Security infrastructure maintenance and testing
Each of our data centers has an Emergency Response and Business Continuity Plan which addresses risks to the site, identifies a Crisis Management Team and outlines operational and communications protocols in the event of an emergency. This Plan is reviewed and tested on an annual basis. For more information, see the Security page.
As part of our portfolio-wide business continuity cycle, in 2016 Digital Realty conducted a pandemic exercise for all sites in our global portfolio. Additionally, several sites in our APAC region conducted pandemic drills in 2018. Our business continuity planning includes operating our sites with minimal staff and the ability to institute this plan through remote monitoring of BMS systems and security systems. As part of our standard protocol, all of our data centers are equipped with supplies to ensure they remain fully operational if remote operation becomes necessary. We also regularly engage our critical suppliers to confirm their Pandemic Response plans and review their capacity to provide service continuity.
Our Regional Leadership teams and Government Relations department maintain active relationships with government and local authorities to ensure access to facilities is maintained for critical teams during pandemics. In the US, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has designated data centers, and the Information Technology and Telecommunications Sectors they house, as a “Critical Infrastructure Sector” with its critical employees designated as “Essential Critical Infrastructure Workers”. These essential workers help State and local officials as they endeavor to protect their communities while ensuring continuity of functions critical to public health and safety, as well as economic and national security.
We have secured access credentials from the Department of Homeland Security to ensure continuity of operations and emergency response. In Canada, we work through the National Cross Sector Forum, which designates data centers as a “Critical Infrastructure Sector.” We also work with Provincial authorities and other partners in Canada to ensure delivery of Emergency Support Functions as identified by the Department of Public Safety Federal Emergency Response Plan. In the EMEA and APAC regions, we continue to work with all relevant agencies to ensure that there is strong understanding of the services operating within our data centers and the critical nature of them. For more information, visit Digital Realty’s COVID-19 site.