eTera consulting

• U.S. Department of Commerce EU Safe Harbor Certification
• SSAE 16 Security Audited
• Business continuity plan
• Pandemic plan
• Information security plan
• Partnership with mindSHIFT for information technology resources
• Partnership with Equinix for network security

eTERA Consulting’s commitment to information and data protection sets it apart from many competitors who have not made the necessary investments to secure their clients' data.

SSAE 16 Security Audited

eTERA Consulting maintains a SSAE 16 security audited technology infrastructure. The SSAE 16 is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants. A SSAE 16 examination signifies that an independent accounting and auditing firm has examined a service organization’s control objectives and control activities.

An assortment of government-compliance regulations has been created over the past several years, including the standards imposed by the Sarbanes-Oxley Act of 2002. Under Section 404 of Sarbanes-Oxley Act (SOX), most companies require a SSAE 16 audited report from their service providers to evaluate controls, data centers, security, backup and system availability.

The SSAE 16 audit report is the de-facto method for a service provider to disclose control activities and processes to their customers in a consistent and reliable format. A SSAE 16 audit report includes the independent auditor’s provisions for the organization to consistently and accurately execute the company’s documented control environment and the effectiveness of such controls at protecting information assets from security and availability threats.

An exemption-free SSAE 16 Certification report is known by organizations in the United States and Europe. These countries recognize the report as a reliable indicator that a service organization has implemented an effective control environment. The report is also acknowledged as a critical component of Sarbanes-Oxley compliance. A copy of the auditor’s report of eTERA Consulting’s SSAE 16 compliance will be available after January 2012 and available upon request (2011 SAS 70 Type II also available). 

DATA CENTER

eTERA Consulting uses Equinix, Inc. (Nasdaq: EQIX) high performance International Business Exchange™ (IBX®) data centers and services for the highest levels of availability, security and application performance. Equinix operates 90 data centers in 35 markets around the world servicing over 4,100 customers.

eTERA Consulting selected Equinix in order to leverage their best-in-class data center services. These services include:

Reliable Power

Equinix IBX centers are designed to provide a robust power infrastructure with the highest level of reliability. These centers provide a minimum N+1 redundancy for every IBX power system, delivering the highest level of uptime availability. The Uninterruptible Power Supply (UPS) systems prevent power spikes, surges, and brownouts while redundant backup diesel generators provide additional fuel to keep the data center powered up in the event that public utility fails. The entire electrical system has built-in redundancy to ensure continuous operation.

Cooling

Equinix’s state-of-the art Heating / Ventilation / Air Conditioning (HVAC) system is a key feature of the premium infrastructure at its IBX centers. Each IBX center is designed with a robust HVAC system to provide stable air flow, temperature and humidity for equipment operation. To minimize downtime due to equipment failure, all major equipment in the HVAC system is designed with a minimum of N+1 redundancy and back-up generators to provide additional protection for customer operations.

Fire Detection and Suppression

Equinix IBX centers are constructed with cutting-edge fire detection and suppression systems that limit the potential for damage in the event of a fire.

Earthquake

Where seismic risk exists, structural systems at Equinix IBX centers meet or exceed seismic design requirements of local building codes for lateral seismic design forces. Equipment and nonstructural components, including cabinets, are anchored and braced.

Internal Controls

The internal controls used at Equinix IBX centers are SSAE 16 compliant. Additional information describing this type of compliance is available at the AICPA.ORG website.

Physical Security

Each Equinix IBX center utilizes an array of security equipment, techniques, and procedures to control, monitor, and record access to the facility, including customer cage areas.

All areas of the center are monitored and recorded using CCTV, and all access points are controlled. Every IBX center is staffed with 24-hour security officers to augment physical security featurfes, providing financial-grade protection.

Visitors are screened upon entry to verify identity, and in shared situations, escorted to appropriate locations. Access history is recorded for audit by customers. 

SAFE HARBOR CERTIFICATION

The European Commission’s Directive on Data Protection prohibits the transfer of personal data to non-European Union nations that do not meet its standard for privacy protection.

To provide a streamlined means for U.S. organizations to comply with the Directive, the U.S. Department of Commerce in consultation with the European Commission developed a "safe harbor" framework. The safe harbor is an important way for U.S. companies to avoid experiencing interruptions in their business dealings with the EU or facing prosecution by European authorities under European privacy laws. Certifying to the safe harbor will assure that EU organizations know that your company provides "adequate" privacy protection, as defined by the Directive.

eTERA Consulting is fully compliant with these safe harbor principles applicable to the collection and use of personal information which is obtained from EU customers. eTERA Consulting has been approved by the U.S. Department of Commerce as a safe harbor certified organization.