Certified data centers and processes

Compliance, integrity and availability

Certification

ISO/IEC 27001:2013

The data centers of firstcolo (diva-e Datacenters GmbH) in Frankfurt am Main are certified by TÜV according to the norm ISO/IEC 27001:2013 and with multiple sites.

The main emphasis of the recertification was put to continuous adherence and further development of the Information Security Management System (ISMS) along firstcolo’s entire value chain. Key elements of the audit were both the business’ internal processes as well as the interfaces to customers and suppliers. The data center got a positive evaluation in terms of documentation and continuous development of the ISMS, the SOP’s (Standard Operation Procedures) and the BCM (Business Continuity Management) in all fields. All previously set KPI’s (Key Performance Indicators) in the areas of confidentiality, integrity and availability were either met or exceeded in both quality and quantity.

Tier 3 Data Center

The data centers in Frankfurt have also been certified by TÜV as “Certified Tier 3 Data Center”. The certification focuses on availability of information technology infrastructures and compliance with the legislation on data protection and fundamental IT security.

The different tiers provide information regarding availability, whereby tier 3 represents a “highly available data center 24×7”. In terms of infrastructure, the certification gives insight regarding the energy supply of the data center. Additionally, it provides information about the risk minimization via supporting technical systems and through connection to a highly efficient and reliable data network.

Furthermore, TÜV examined the operational management with focus on maintenance, fault clearance and servicing processes. The latter being necessary for an unrestricted operation of the technical infrastructure. Lastly, the requirements according to ISO/IEC 27001 were also examined within the scope of the IT security audit.

The validity of the certification can be checked online for the respective locations FRA1 (DC firstcolo AOC) and FRA4 (DC firstcolo Werkhaus).

PCI-DSS Certification

firstcolo has the globally recognized PCI-DSS (Payment Card Industry Data Security Standard) certification. The PCI-DSS certification guarantees security standards that are legally required for the processing and storage of credit card data. The PCI-DSS security standard is designed to protect online merchants and end customers from fraudulent attacks, credit card misuse and theft in payment transactions.

Strict security standards must be demonstrated in order to obtain PCI-DSS certification. In this context, the protection of online merchants and end customers always has top priority. Fraudulent attacks are not uncommon in card transactions in the financial sector – making it all the more important to have an IT infrastructure that meets even the highest security standards. This is the only way to ensure that transfers are processed appropriately and responsibly.

The validity of the PCI-DSS certification can be tracked online.

100% green energy

ZertifizierungThe power supply of the firstcolo data centers is provided from 100% green power during regular operation. Therefore, only renewables are used. To achieve this, First Colo uses the ÖkoBasis product of the Frankfurt-based energy provider mainova AG. This very product is certified by TÜV Süd, guaranteeing 100% green power from renewables. The requirements are verified according to “VdTÜV Basic Guideline for Green Power Products” of the leaflet “Energie 1304 Version 10.2014”.