Secure Data Centers

    Data Centers

    Best Practices

    Compliance

    Protection

    D2L hosted services are provided out of tier 3 or greater hosting facilities. These facilities provide carrier-level support, including:

    Access Control and Physical Security

    • 24/7 guard surveillance including foot patrols and perimeter inspections
    • Servers are protected by several multifactor physical access controls
    • Video surveillance throughout facility and perimeter
    • Access to data centers is managed through each data centers respective change management process
    • Building engineered for local seismic, storm, and flood risks
    • Tracking of asset removal
    • Dedicated concrete-walled Data Center rooms

    Environmental Controls

    • Humidity and temperature control
    • Redundant (N+1) cooling system

    Power

    • Underground utility power feed
    • Redundant (N+1) CPS/UPS systems
    • Redundant power distribution units (PDUs)
    • Redundant (N+1) generators

    Network

    • Redundant internal networks
    • High bandwidth capacity
    • Redundant routers are configured for high availability
    • VLAN segmentation by security zone is deployed using multi-link trunks to create over a robust backbone

    Fire Detection and Suppression

    • VESDA (very early smoke detection apparatus)
    • Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression

    Certification

    D2L data centers undergo their own SSAE16 audits and maintain PCI Service Provider Level 1 compliance, ensuring that they meet industry standard security and procedural controls.
     
     
    Back to D2L security overview

    D2L hosted services are provided on Amazon Web Services (AWS). Physical and operational security processes are described for network and infrastructure under AWS’ management, as well as service-specific security implementations documented in Amazon Web Services: Overview of Security Processes, which outlines AWS’ data centre controls such as:

    • Physical and Environmental Security
    • Fire Detection and Suppression
    • Power
    • Climate and Temperature
    • Management
    • Storage Device Decommissioning
      o AWS uses the techniques detailed in NIST 800-88 (“Guidelines for Media Sanitization”) as part of the decommissioning process.
    • Amazon’s infrastructure fault tolerant design
      o Core applications are deployed in an N+1 configuration, so that in the event of a data center failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.
    • Certification
      o AWS holds numerous security certifications, which can be reviewed at https://aws.amazon.com/compliance/

     
     
    Back to D2L security overview