Data Center Security

Comprehensive security maintained by audited physical, technical and administrative measures.

ONRAMP EMBODIES A CULTURE THAT EMPHASIZES SECURITY

Data Center Security

PHYSICAL SECURITY

As SSAE 16 SOC I Type II, PCI and HIPAA facilities, our Data Centers are regularly scrutinized on their physical security by third party experts.  Signage on public facing building frontage is kept to a functional minimum and our facilities are under surveillance 24/7/365. Our Data Centers are accessed only by two-factor authentication, using a combination of card keys and biometric scanners.  Visitors are authenticated in mantraps, a process in which OnRamp personnel match photo ID with records of authorized visitor lists.  Visitors that are authenticated must surrender their photo ID to the NOC personnel before being granted access to the Data Center and escorted by a member of the OnRamp NOC staff to their equipment.  Once inside our facilities, visitors are monitored at all times by over 30 cameras which stream to hard drives in the NOC. OnRamp maintains at least 90 days of video as part of our external audits and certification processes.

LOGICAL SECURITY

Multiple layers of security are employed for OnRamp’s managed infrastructure and network, including advanced monitoring software, intrusion detection systems, regular risk and vulnerability assessments, firewalls and other network devices.

All of OnRamp’s security systems are monitored 24/7 and activities logged according to stringent controls which are audited by third parties.  The SSAE 16 SOC I Type II audit generally includes controls over information technology and related processes, policies and procedures, including operational activities, and validates everything is performing at optimal standards regarding security, availability and operating integrity.

OnRamp can deploy effective intrusion detection monitoring, tailored to the requirements of each customer, by providing managed Intrusion Detection systems on selected Cisco firewalls for customers who desire the ability to actively detect malicious activity on their network.