Data centre accreditations – what they mean and why they are important

There are many ways to assess a data centre, but with so many factors to take into account, it can be difficult. One useful way of getting a feel for a data centre’s commitment to security, reliability and environmental sustainability is through its accreditations. We work incredibly hard to ensure that we have the most relevant accreditations and that we keep these up-to-date. Our accreditations are much more than a simple ‘tick-box’ exercise – a lot of work goes into achieving and maintaining accreditations and the process gives us a clear roadmap for improving our operations, ensuring compliance with industry standards, and achieving higher levels of quality, safety, and efficiency.

A standard that provides a framework for establishing, implementing, maintaining, and continually improving a quality management system. The standard requires us to define our processes and procedures, and to measure and analyse the effectiveness of these processes in meeting client requirements and achieving business objectives.

This standard is focused on helping us to reduce our environmental impact and ensure compliance with applicable environmental regulations and requirements. It provides a framework for establishing and maintaining an environmental management system. In order to achieve this standard, we had to identify and manage our environmental aspects and impacts and set objectives and targets for improving environmental performance.

This framework for implementing and continually improving an information security management system helps us establish and maintain effective security controls to protect our information assets and manage security risks. The standard requires us to identify our information assets and the risks they face, implement a range of security controls to manage these risks, and regularly review and improve our information security management system to ensure ongoing effectiveness.

A framework for developing and maintaining an energy management system, which helps us improve our energy performance, reduce energy consumption, and cut greenhouse gas emissions. Achieving this standard required us to identify our energy use and opportunities for energy efficiency improvements, and set objectives and targets for reducing energy consumption and greenhouse gas emissions. We also have to regularly monitor, measure, and analyse our energy performance to ensure ongoing improvements. We underwent a rigorous audit to assess our energy management system against the requirements of the standard.

This set of security standards protects credit and debit card transactions against theft and fraud. To become PCI DSS compliant, we had to meet a set of requirements and security controls that are designed to protect payment card data. These requirements include:

• building and maintaining a secure network and systems;
• protecting cardholder data through encryption and other security measures;
• maintaining secure access controls to prevent unauthorised access;
• regularly monitoring and testing security systems and processes;
• maintaining an information security policy.

This voluntary initiative (developed by the European Commission in collaboration with industry stakeholders) aims to improve the energy efficiency of data centres in the European Union. The code of conduct provides a framework for data centre operators to measure, monitor, and reduce their energy consumption and carbon emissions. The code consists of a set of best practices and guidelines for data centre energy management, including recommendations for:

• measuring and monitoring energy use;
• implementing energy-efficient technologies and practices;
• optimising data centre layout and design;
• managing cooling and air flow;
• improving server efficiency and utilisation;
• reducing energy waste and standby power consumption;
• promoting renewable energy sources.

A DCA Class 3 data centre is designed to provide the highest level of availability and resilience, and is suitable for mission-critical applications that require uninterrupted operation. The standard defines the following requirements for a fully operational data centre:

• Redundant power and cooling systems: A DCA Class 3 data centre must have multiple power and cooling systems to ensure uninterrupted operation in the event of a failure.
• N+1 redundancy: All critical systems, including power and cooling, must have N+1 redundancy, which means that there is at least one backup system for every active system.
• Multiple independent distribution paths: A DCA Class 3 data centre must have multiple independent distribution paths for power and cooling systems to minimize the risk of a single point of failure.
• Concurrently maintainable: All critical systems must be designed to allow maintenance or replacement without disrupting operations.
• 24/7 monitoring: A DCA Class 3 data centre must have 24/7 monitoring and management to ensure the highest level of availability and resilience.