Home Depot’s Credit Card Breach Can Spell Trouble for Businesses

Credit Card Breach Speculation has been growing in recent weeks about a cyber-attack at Home Depot.  Just this week, the home improvement retailer confirmed the worst – hackers breached its computer systems earlier this year and may have stolen millions of customers’ credit and debit card information.  The New York Times estimates the number of hacked card numbers could exceed 60 million.

Although the giant retailer is popular among homeowners, a large percentage of its sales are attributed to small business owners.  Drew Reading, an analyst for Bloomberg Intelligence, estimates 40% of Home Depot’s sales come from businesses.  As a result, professional contractors and others in the building industry may be disproportionately affected.

Similar to the massive data breach at Target stores last year, the Home Depot hackers are selling the stolen credit card numbers online.  The hacked data is showing up on the black market at a site called “Rescator.”

For affected customers, Home Depot is offering free credit-monitoring services.  Anyone who used a credit or debit card in a U.S. or Canadian Home Depot store between April and September 2014 may be a victim.

As with any potential breach, it’s the cardholders’ responsibility to monitor their accounts for fraudulent activity.  Checking statements and credit reports is the first line of defense.  Any suspicious activity must be reported immediately to the credit card company.

However, monitoring after a data breach may prove more challenging for businesses.  Often, business owners will issue cards to multiple employees. Verifying every transaction, even the small ones, on all of these cards requires extra work and diligence.

Although hackers can create a financial nightmare for cardholders, the good news is both consumers and businesses should not be held liable for fraudulent charges resulting from this or any other data breach.

Continue to read the CyrusOne Blog for information about CyrusOne data centers and colocation services.

How Data Center Certifications Help Healthcare Companies with Compliance

Data Center SertificationsWith healthcare organizations transitioning from paper-based to digital records, the resulting explosion of data is causing the industry to face many issues.  IT professionals within these organizations must focus on implementing meaningful technology to improve patient care, data management and cost containment.  At the same time, healthcare companies must keep patient data secure and adhere to strict governmental regulations.

How do healthcare companies meet all of these challenges?  The first place to start is with an evaluation of a provider’s data center certifications and data center compliance to HIPAA regulations.

What Does HIPAA Require?

HIPAA, or Health Insurance Portability and Accountability Act, was a law enacted in 1996 to define parameters around usage and disclosure of a patient’s protected health information (PHI).  Specifically, HIPAA requires healthcare organizations to maintain a security management process to protect against “attempted or successful unauthorized access, use, disclosure, modification, or interference with system operations.”

The growing number of electronic medical records has made complying with the law increasingly difficult today.  Because HIPPA regulations are taken very seriously, any non-compliance can have a devastating effect on an organization.  Violations of the law often result in substantial fines and/or jail time.

What are the HIPAA Control Categories?

HIPAA compliance is evaluated on three categories of controls established by the U.S. Department of Health and Human Services:  administrative, physical and technical safeguards.  Each of these controls is audited to determine compliance.

To provide the best protection against HIPAA violations, a colocation provider’s data center will meet the required physical and administrative security controls.  Specifically, the provider must support HIPAA compliance through:

  • A Controlled, Secure Facility
  • 24/7 Physical Security Monitoring
  • 90-Day Video Surveillance and Retention
  • Cabinet/Cage Perimeter Security
  • Badge and Biometrics
  • Compliance Base Audit Reports
  • Security Incident Response Notification

Who is Responsible for HIPAA Compliance – the Provider or Healthcare Customer?

Under each HIPAA category, the responsibilities for compliance involve three situations:

  1. The provider/vendor and healthcare company are both responsible
  2. The provider/vendor alone is responsible
  3. The healthcare company is solely responsible

Therefore, healthcare organizations cannot simply shift all of the responsibilities for HIPAA compliance to a third-party provider.  However, they can work together with a data center provider to meet the compliance requirements together.  In the end, the healthcare company is still liable for violating HIPAA guidelines.

Healthcare companies’ main emphasis has to be on providing the best patient care possible.  Fortunately, they can partner with a HIPAA-compliant data center partner.  A colocation provider with the proper physical safeguards in place can help protect the integrity and security of its healthcare customers’ PHI.

To learn more about colocation facilities and how CyrusOne can provide services to meet your specific needs, click here.

Building Your Own Data Center is a Costly Choice

Building an Enterprise Data Center

Unless you’re the size of Google or Microsoft, you need to think twice about building an in-house data center.  A recent Forbes article entitled “Why, Unless You’re Running with Amazon, Google and Microsoft, You Should Never Build another Data Center,” stated leasing data center space makes better sense from a business and technical perspective.

Significant data center resources are required to support the explosion in big data, cloud applications and mobile device use.  But, companies are finding it difficult to keep up with these increasing demands.

Should they build more data center space?  Or, should they lease space from a colocation provider?

The Best Use of Resources

Companies need to decide if they should invest in building a capital-intensive facility or move operations to a colocation facility.  With few exceptions, colocation is a better decision because:

1)      Companies today cannot afford to build an enterprise data center.  To design a facility at the levels required for ongoing availability, efficient power usage, military-grade security, as well as to accommodate future growth, a business would need a significant budget often exceeding tens of millions of dollars.

2)      Many companies can’t afford to update their own data centers.  With newer high speed servers being installed every three to five years, an in-house data center will need to make on-going capital investments to upgrade data center cooling and power infrastructure.

High Performance Computing (HPC) gear can save the company money and time, but it can only be implemented if the data center can handle the increased power and cooling needs.

In addition, the Forbes article states colocation data centers provide fast deployment, better Internet connectivity, higher availability to support the latest high-density hardware.

A Smart Decision

Regardless of size, enterprises are finding company-owned facilities provide little competitive advantage and can waste valuable resources.  A colocation data center provides efficiency, security, scalability and connectivity at levels most organizations can’t achieve.

Getting Ahead of the Technology Curve: Top Four IT Trends for Small and Medium-Sized Businesses (SMBs)

Getting Ahead of the Technology Curve: Top Four IT Trends for Small and Medium-Sized Businesses (EMBs)Four IT trends facing SMBs today will have a profound impact on an organization’s future. SMB executives need to understand these technology trends and develop strategies now to leverage them.

The four top IT trends facing SMBs involve:

  • Big Data Growth
  • Cloud Adoption
  • Mobile Deployment
  • Data Security and Privacy

The Data Explosion

Organizations are collecting and creating an ever increasing amount of data.  With the resulting information gleaned from big data, decision-makers can adapt strategies to improve both business operations and the customer experience.

SMBs generate data from countless sources, such as sales receipts, social media posts, customer surveys and Google Analytics, to name a few. Companies are now realizing how collecting and analyzing this data can help drive business success.

But it’s not just about generating more and more data. SMB execs need to know what to do with it after they collect it. Organizations must develop proper practices for protecting and managing all the data they collect. When properly managed, big data provides valuable insights into how SMBs can more intelligently and economically run their business.

Migrating to the Cloud

Over the past few years, several studies have concluded a large number of SMBs plan to move at least some of their in-house IT to the cloud. Although IT managers may have a hard time letting go of their internal infrastructure, the cost-benefit analysis for cloud migration in many scenarios just can’t be ignored.

The decision becomes much easier if the organization has a significant amount of legacy hardware and software. Rather than make additional, expensive investments in buying, maintaining, supporting and upgrading in-house systems, many companies are opting to access IT resources in the cloud.

Cloud services eliminate large, upfront capital expenditures. Organizations pay a much lower, consistent monthly fee and can quickly and easily scale their usage up or down as requirements change.

In addition to cost savings and scalability, cloud services help SMBs become more competitive. Cloud services enable all companies today, regardless of size, to leverage the latest IT innovations more economically. SMBs can focus less on maintaining IT systems and devote more time to serving customers and growing the business.

Going Mobile

The proliferation of smartphones and tablets is dramatically changing the business landscape. In fact, global sales of mobile devices are now outpacing laptops and desktop computers.

SMBs must be prepared to conduct business over these mobile devices. For example, more and more companies will want to facilitate mobile payments from customers.  According to Gartner, an industry research firm, the volume of mobile transactions will increase from $163 billion in 2012 to $721 billion in 2017.

In addition, SMBs need to create content appropriate for mobile devices. Mobile content can raise awareness, as well as target customers with location-based information and services. At a minimum, SMBs should optimize their websites for mobile devices.

Embracing mobile technology provides SMBs with opportunities to increase revenue, reach a broader audience and enhance convenience for employees and customers alike.

Stepping Up Data Security and Privacy Practices

Cyber attacks are here to stay so businesses need to take their data security and privacy practices seriously. During 2013, the number of security breaches mushroomed and 2014 shows no sign of experiencing fewer threats — no business has been, or will be, immune from the devastating effects of cybercrimes.

To counter these threats, SMBs must do everything they can to protect their businesses.  Keeping pace with the latest industry best practices for enhancing security and maintaining privacy is the starting point.

Because cyber-attacks continue to become more sophisticated the importance of staying up-to-date with security management cannot be understated. All organizations must never let their guards down.

Solutions Targeted to SMBs

In addition to enterprise customers, CyrusOne focuses its solutions on emerging and medium-sized businesses. For example, the CyrusOne Express product line was designed exclusively for the smaller business. To address the specialized requirements of SMBs, Express packages come pre-configured with cabinets, power and connectivity, and offer month-to-month contracts.

In addition, the CyrusOne Marketplace is a portal to simplify the process of shopping for and purchasing data center space.The flexibility of not being constrained by a long-term contract is an option most SMBs value.

Continue here to read the CyrusOne Blog for information about CyrusOne data centers and colocation services.

Tips for Hiring IT Staff in Emerging and Medium-Sized Businesses (EMBs)

IT staff hiring EMBsAccording to the Small Business Administration, emerging and medium-sized businesses (EMBs) [SB1] account for about half the jobs in the private sector and about 55% of all jobs in the country.  Yet, it’s often difficult for EMBs to find quality employees who are well-qualified to do the job and are a good fit with the corporate culture.  Staffing IT positions has been especially challenging for smaller organizations, given the high demand for technical talent in today’s environment.

However, the stakes for making a bad hiring decision run high.  Even if the best candidates may be hard to come by, businesses still need to take all the necessary steps to avoid making a hiring mistake.  The cost of just one person not working out can be 30% of the employee’s first year salary.  Therefore, to get the most from their labor investments, EMBs need to hire smart.  But what does that really mean?

Here’s an overview of what hiring managers need to do when filling IT positions:

  • Finding the Right Employees – First, organizations must locate appropriate talent for available positions.  Some effective tools to use include employee referrals, a special career page or website, online job boards, campus recruiting and internship programs.

For IT candidates, hiring managers can expand the tools list above to include social media sites, specialized resume databases, professional organizations, technology forums, blogs and online communities dedicated to IT topics.

  • Prescreening Candidates – Once resumes are submitted, EMB hiring managers need to prescreen candidates and decide who they will interview.  Good prescreening tools for IT staff include pre-hire assessments, personality and behavioral tests, and executive assessments.

In addition, certain assessments should be tailored to IT positions.  Since IT staff needs to be proficient in certain technologies, exams may be the only way to gauge the extent of the candidate’s qualifications.

For example, some IT hiring managers require candidates to complete IT certification practice exams.  The results of the exam will indicate the level of understanding the candidate has on a subject, as well as raise any discrepancies between what the prospect’s resume says to what he or she actually knows.  In addition, technology certification exams are a good way to tailor ongoing training for a new hire.

  • Interviewing Qualified Prospects – Interviewing requires a formalized process and careful consideration of the questions to be asked.  Although interviewers may use a set of standardized questions, they should tailor questions to each candidate with the purpose of gathering important information not collected through the resume and pre-screening tools.

Interviewers need to ask the hard questions.  For example, it’s a good idea to find out each candidate’s motivation for wanting the position and then determine whether they’re likely to thrive within the corporate culture.

Hiring managers need to also learn about a candidate’s accomplishments.  Since the role of IT is to support business initiatives, prospective employees must be able to put their technical knowledge into practice.

  • Selecting Final Candidates – After the interview, the cream of the crop should be apparent.  The next step involves conducting reference and background checks on the most promising candidates.

But before putting a candidate on the “short list,” hiring managers need to evaluate how the prospect will fit within the IT department.  A good number of IT workers work very long hours.  Spending a lot of time with coworkers means everyone needs to get along well for the IT operation to run smoothly.  If an employee has the highest technical qualifications but no social skills, he or she could cause issues for the team and overall IT effort.

  • Hiring the Top Candidate – If the hiring manager has done a thorough job, the chances are good the new employee will succeed.  Once onboard, it’s important to make the new employee feel welcome and part of the team.  Managers must also make sure to continually evaluate new hires against expectations and job requirements.

Filling IT positions requires more than finding the right technical skill set.  Since IT plays a critical role in supporting all functions within an EMB, each member of the IT team must offer well-rounded capabilities and be able to contribute to achieving the organization’s goals.

Continue to read the CyrusOne Blog for information about CyrusOne data centers and colocation services.

Top 5 Benefits of Outsourcing to a State-of-the-Art Data Center

 State-of-the-Art Data CenterWith numerous benefits recognized by business of all sizes, data center outsourcing has gained traction as a viable alternative to building and managing an in-house facility.  Senior IT executives can no longer ignore the significant value proposition associated with colocation solutions.

As a result, demand for these services have grown considerably in recent years.  Data center hubs have been created across the country, including Dallas, Phoenix, Northern Virginia, Cincinnati, and Chicago.  Each of these centers offers millions of square feet in data center space.

Each company has its own unique reasons for pursuing a colocation model – what may be the top benefit for one company may be further down the list for another.  Therefore, the following highlights five of the most popular motivating factors in data center outsourcing:

1.      Uptime

A data center outage comes with a significant price tag.  According to a Ponemon Institute study, the average cost of a total outage is approximately $680,000.  Therefore, data centers must be built with the necessary resiliency to avoid this huge cost.

Any number of external events could affect a data center’s availability.  Businesses may need to relocate offices, a power outage may occur or a natural disaster hits a company’s facilities.

Colocation provides a solution to these problems so companies don’t have to worry about downtime.  Providers offer sophisticated backup systems to keep things running even in the event of an outage.

In addition, the best colocation providers will offer Service Level Agreements guaranteeing extremely high levels of availability.  If environmental or infrastructure elements in the colocation facility are impacted, the provider must compensate its customers.  Therefore, colocation providers operate state-of-the-art facilities to avoid any downtime.

2.      Risk

Companies must always evaluate the level of risk in every decision.  Managing an in-house data center or migrating to a colocation data center often boils down to a thorough risk analysis.

For example, IT executives need to consider:

  • Distance Risk – Having all company resources in one location makes them vulnerable to outages and natural disasters.  By housing data center operations in a colocation provider’s facility, businesses reduce the risk of a single event causing widespread outages across the organization.
  • Growth Risk – With internal data center operations, companies run the risk of not being able to respond to changing requirements.  For example, a growing business may not have the resources to quickly and/or economically address changing computing needs.  However, data center outsourcing allows companies to easily scale their operations up or down.
  • Obsolescence Risk – For many businesses, building a data center can take years and cost tens of millions of dollars.  Unfortunately, the facility is usually outdated shortly after it’s completed.  Colocation providers assume the risk for technological obsolescence.  With their specialized expertise, they’re able to build leading-edge facilities quicker and more cost-effectively than almost every other business.
  • Compliance Risk – Today’s businesses must comply with a variety of government regulatory standards, including SSAE 16, the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data Security Standard.  Without dedicated staff with compliance expertise, maintaining the required standards is extremely difficult and expensive.  However, proven colocation providers have been audited by regulatory agencies and hold certifications confirming their ability to comply.
  • Security Risk – Building, managing and maintaining a secure data center facility requires businesses take advanced measures.  However, many companies are ill-equipped to provide the personnel, technology and processes to operate a highly secure data center.  Colocation providers can offer advanced capabilities such as biometric scanning, video surveillance, alarm systems, controlled access, 24/7 on-site security guards and reinforced physical structures.

3.      Cost

Today’s CIOs are under constant pressure to reduce all costs associated with IT operations.  Running an in-house data center adds a tremendous expense.

Data center colocation, on the other hand, shifts the capital expenses involved in building a company-owned data center to a predictable, monthly operating expense.  Huge capital investments aren’t required by the business, so they can use the savings to fund other projects.  The cost predictability also increases the efficiency of budgeting and resource allocation.

In addition, colocation providers benefit from discounted power costs.  Given the size of their operations, larger providers are able to negotiate discounted rates from utility providers that most companies would not be able to access.  Being the largest cost component in a data center, power alone can drain a company’s resources.

4.      Connectivity

In most top-tier colocation facilities, multiple carriers provide service to the data center.  As a result, a variety of carrier choices allows businesses to negotiate its telecom spending.  Such diversity creates an environment in which service quality and cost are greatly enhanced.

In addition, a colocation data center houses customer servers in climate-controlled facilities.  Network connections can maintain high bandwidth speeds and redundancy.

5.      Focus

Building a data center is an extremely difficult and expensive project.  After the facility is built, CIOs need to manage and maintain it to ensure ongoing peak performance.  The time and budget commitment required to keep data centers running efficiently creates a huge opportunity cost.

If CIOs didn’t have to worry about the data center facility, they could devote more resources to accomplishing corporate goals.  Data center outsourcing shifts the burden of operating the facility to the provider.

For many organizations, migrating to a data center colocation model makes practical business sense.  By maintaining uptime, mitigating risks, reducing costs, enhancing connectivity and improving focus, businesses are well positioned to perform within an increasingly competitive landscape.

To learn more about colocation facilities and how CyrusOne can provide services to meet your specific needs, click here.

Four North Dallas Cities Will Combine 911 Emergency Services in Dallas Colocation Data Center

Data Center 911 ServicesCyrusOne’s Dallas, Texas colocation facility, located in the northern suburb of Carrollton, is now home to the “North Texas Emergency Communications Center.”  The three-year project combines the 911 emergency dispatch centers of four cities:  Farmers Branch, Addison, Coppell and Carrollton.

Taking up 12,000 square feet of space within the data center, the 911 center will dispatch fire, EMS and police help from one centralized location.  The unified dispatch center will improve response times and save money.  Sharing resources will allow faster processing of calls and provide seamless service.

Farmers Branch estimates by combining resources it will save its city alone 15% to 20% in its public safety budget over 20 years. More importantly, faster response times can save lives.

The four cities have shared a variety of public safety resources for the past five years, including training and personnel.  However, they never shared a 911 dispatch center until now.  Without consolidation, each individual city was at risk of delayed response times.

When 911 calls come into the centralized operation, they will be assigned to the closest resource.  For example, if a call comes into the north end of Farmers Branch, but a Farmers Branch officer is at the southern border, the call could be assigned to a closer officer in Carrollton.

Currently, the North Texas Emergency Communications Center is moving its equipment into CyrusOne’s Carrollton data center.  Personnel will staff the data center space after the equipment is installed.  In 2015, the center hopes to be answering its first 911 calls.

To learn more about Dallas colocation facilities and how CyrusOne can provide services to meet your specific needs, click here.

CyrusOne Colocation Facilities Featured in PC Today Cover Article

Colocation Facilities in PC TodayIn the August issue of PC Today, CyrusOne colocation facilities are featured on the cover and in a feature article.  PC Today is a prominent business technology magazine providing decision makers with useful information about new and upcoming products and technologies.

The article, titled “Don’t Build Your Next Data Center. Lease. CyrusOne Provides All the Resources You Need,” discusses why it’s advantageous for companies to house their infrastructures in colocation facilities.

Organizations can quickly lease data center space, power, cooling, security and connectivity from a colocation provider.  The article further points out how colocation provides high levels of reliability and uptime through Service Level Agreements.

Mitigating Building Risks

Companies assume inherent risks when they build a data center.  In addition to the length of time and the amount of investment required, building a company-owned data center is fraught with risk.  One of the major reasons not to build is technological obsolescence.

John Hatem, CyrusOne’s senior vice president of data center design and construction says it best:

“When you build a data center, you’re building a 30-year asset for a two-or three-year systems technology cycle.”

Therefore, facilities built only a few years ago may no longer meet an organization’s requirements.  The business must then decide to continue operations with a sub-par facility, expand and upgrade the existing facility, build a new data center or lease capacity from a provider.

Investing $100 million or more into building a data center doesn’t make sense for many businesses, especially when the facility could be outdated in just a few years.

To download the full article, click here. 

To learn more about colocation facilities and how CyrusOne can provide services to meet your specific needs, click here.

Is Colocation Demand Outpacing Supply?

demand for colocationAccording to Nemertes Research, a technology research-advisory firm, the U.S. will experience a shortage of colocation space beginning in 2014.  By 2015, the facilities gap will grow to $1.9 billion.  Researchers arrived at this conclusion by comparing data center supply and enterprise demand.

The current and predicted availability of commercial data center colocation facilities has not kept pace with the user need for these facilities.  Many colocation providers, including CyrusOne, are adding locations to lessen the imbalance.  But at this point, demand is growing faster than supply.

Some interesting findings from the Nemertes study include:

  • The overall 2012 domestic market for commercial data center colocation facilities was approximately $18.5 billion.  This figure is estimated to grow to $31.2 billion in 2015.
  • In 2011, the estimated total colocation space in the U.S. was 67.7 million square feet.  By 2015, this figure is projected to be 144 million square feet.

Nemertes calculated demand by conducting primary research on data center usage.  The research company interviewed hundreds of enterprise organizations to measure current and future data center requirements.  Here’s what they found:

  • Data center outsourcing involves other options in addition to colocation, including platform-as-a-service (PaaS), infrastructure-as-a-service (IaaS) and cloud services.
  • Of the total amount of data center services outsourced by the study participants (colocation, PaaS, IaaS and cloud services), approximately 8.75% can be attributed to colocation.
  • This percentage of total data center space outsourced for colocation will rise to 14.11% by 2015.

These findings show colocation supply is growing, but not keeping pace with growth in demand.  Therefore, enterprises should partner with colocation providers offering a sound growth strategy along with the financial resources required to support growth plans.

CyrusOne has expanded its data center services to address accelerated customer demand.  For example, in Texas, CyrusOne experienced a 60% year-over-year growth rate and about 1% customer churn per quarter since inception in 2000.  Headquartered in Dallas, Texas, CyrusOne currently operates 25 facilities across the United States, Europe and Asia.

Continue here to read the CyrusOne Blog for information about CyrusOne data centers and colocation services.

How to Assess Risk in the Build vs. Lease Decision

deciding on data build vs leaseTo arrive at the right build vs. lease decision, enterprises need to understand the risks involved in making this decision.  Data centers are a technically complex facility comprised of power distribution, HVAC, electrical, network, cabling, flooring, fire suppression, racking, compute and storage hardware, and backup capabilities.

In addition to these technical requirements, the data center selection equation also includes a financial risk component.  On-going operating and capital expenses must also be considered in the build vs. lease analysis.

Maintenance and operating expertise are also risk considerations.  Organizations need to:

  • Understand internal processes and applications well enough to determine the level of availability required.
  • Determine which of the four tiers of availability the company needs, and understanding the trade-offs involved in moving from one tier to another.  The greater the availability and redundancy required, the higher the cost and complexity of the operation.
  • Assess what an outage would cost the organization in both hard and soft costs.
  • Evaluate the internal skill set of the business’ IT staff.  From a technical and management perspective, are they capable of managing the long-term operation and day-to-day maintenance of an internal data center facility?

It’s clear the analysis involved in the build vs. lease decision revolves around risk and it’s not just a technical consideration.  A company needs to determine who they want to shoulder the bulk of the risk in building and managing a complex data center operation.  When companies select a colocation model, this risk is shifted to the data center provider.

Although technical capabilities are important to analyze, the decision to build or lease data center space is really a business decision involving a comprehensive analysis of all the associated risks.

In most cases, by selecting a colocation model a firm can reduce the technical, financial and management risks of operating a complex data center facility.

Continue here to read the CyrusOne Blog for information about CyrusOne data centers and colocation services.