How Safe Are Hosted Desktops
A Hosted Desktop service is a very secure IT solution, not only in terms of data security but also reliability and availability. In most situations it will be a lot more secure than on premise infrastructure. A Hosted Desktop provider will employ a number of services designed to keep your data secure, ensure it is highly available and that it is recoverable in the event of a disaster.
While the media love to report high profile breaches in online security, more often than not these breaches are due to people using easy to guess passwords, or using the same password for multiple services. The security of data is a joint responsibility between the service provider and the user of that service.
What makes Hosted Desktops so resilient?
One of the primary reasons for moving your systems away from on premise to a hosted solution is to take advantage of the sophisticated infrastructure surrounding the service which, while requiring significant investment, are very cost effective for the individual customers.
These are just some of the systems employed by hosted desktop providers in order to offer Service Level Agreements of 99.5% or over:
- Virtual Server Clusters – Multiple physical servers are installed in data centres combined with a server virtualisation technology such as Hyper-V to provide individual virtual server “guests” for each customer. All the guest servers will be in a cluster which means they can be automatically or manually moved to another physical host in the event of hardware failure or overloading.
- Redundant Disks – All systems and data run on storage appliances with redundancy built in to every component. The disks are hot swappable to enable replacement of faulty disks without losing data.
- Uninterruptible power – There will usually be a multi-layered power plan for the data centres:
- Dedicated transformers feed the data centre from separate national grid supplies. If anything happened to one feed the second will take over.
- Onsite Diesel generators that kick in automatically if mains power is lost.
- Uninterruptible Power Supply (UPS) battery systems that cleans the power as well as bridging the gap between the power cut and the generators starting (usually no more than a minute).
- UPS have hot swap batteries and redundant circuitry.
- Modular UPS systems so that racks can be powered from different UPS batteries.
- Finally a controlled power failure test is conducted every month to prove the power plan works.
- Cooling – Excess heat can be extremely damaging to computer systems so the cooling systems in the data centre are guaranteed to keep the temperature between 18 and 27 degrees for 99.97% of the time.
- Two separate air conditioning systems are in place so that there is always a standby should one fail.
- The data centre uses “Cold Aisle Containment” so that the only way for the cold air to get out is through the servers cooling fans.
How are Hosted Desktop systems kept safe?
Again, using the economies of scale of multi-tenanted platforms it is very cost effective to provide a multitude of systems to keep your data protected.
- Water – this is an obvious danger to electronic equipment so hosted desktop providers take various measures to prevent risk of water damage:
- Data centres can be sited away from known flood plains.
- Air conditioning systems are gas rather than water based.
- Food or drink would not be permitted in the data centres.
- Flood detection systems will be in place in the underfloor voids.
- Fire – With all the electric equipment present in data centres the risk of fire has to be taken very seriously and there are multiple layers of fire detection and prevention that can be deployed to keep your data safe:
- Very early smoke detection alarms that continuously sample the air and use lasers to detect even the tiniest amounts of smoke long before it can be seen or smelt. This is an early warning system to help prevent fire before it ignites.
- Conventional smoke detectors in the ceiling and underfloor voids.
- Fire suppressant – if fire is detected gas can be released into the air to lower the temperature and reduce the oxygen levels. This gas is safe for humans and can extinguish the fire without having to cut power to the servers.
- Theft – As with other threats there will be multiple layers to prevent theft of data or hardware such as:
- Enterprise level firewalls to prevent intrusion.
- Communication is encrypted over the Internet.
- Physical security in the form of manned security 24/7 with CCTV cameras inside and outside the data centre.
- Entry to data centres strictly controlled and proof of ID required.
- All server racks are individually digitally locked and data centre staff don’t have access to the codes.
- All windows are barred and have one way glass.
- Perimeter fences surround exposed areas.
- Backups – While most of the above measures will hopefully never need to be used it is also important to make sure that should the worst happen your data is protected. For this reason data is backed up, usually off site to a second data centre.