Just as Security Engineered Machinery has been the global standard when it comes to high security data destruction solutions, the Uptime Institute’s Tier Classification has served as the international standard for data center performances. The classification evaluates data centers’ server hosting availability and reliability, and for the past 25 years, the Uptime Institute has had over 2,800 certifications in over 114 countries across the globe.
With the Uptime Institute’s Tier Classification, comes four tiers that are centered on data center infrastructure and define the criteria needed for maintenance, power, cooling, and fault capabilities: Tiers I, II, III, and IV.
Before we dive into the Uptime Institute’s Tier Classification, I want to run through some data center vocabulary:
Uptime
Uptime is the annual amount of time that a data center is guaranteed to be available and running. This time increases in degrees of “nines,” or a 99% availability guarantee. A data center with 99.671% uptime offers far less availability and reliability than one that has 99.982% uptime.
Essentially, a data center wants to achieve as many “nines” as possible. A 99.9% availability (or “three nines”) will still allow for approximately eight hours of downtime per year. If a data center has 99.999% (“five nines”) then they have less than six minutes of downtime per year, or approximately twenty-six seconds per month.
Downtime
Downtime is the annual amount of time that a data center and its availability will be interrupted. Downtime can occur for a number of reasons: routine maintenance, hardware failures, natural disasters, cyberattacks, and the most common, human error.
Whenever a data center experiences downtime, there’s a cost: according to the ITIC’s 11th Annual Hourly Cost of Downtime Survey, an hour of downtime can cost some firms and corporations anywhere from $1 to $5 million, not including any potential legal fees, fines, and penalties. The more downtime a data center has, the higher the risk they run of data breaches due to the lack of or little protection and security monitoring they have during this time. It’s also important to mention that downtime not only affects the data center employees: downtime prevents outside customers and clients form accessing services and information, too. So even if a data center experiences downtime that does not result in a data breach, it can have very real monetary and reputational consequences.
Redundancy
Redundancy is a data center component designed to duplicate primary resources and power in the case of failure. These fail-safe systems can be in the form of backup generators, uninterruptible power systems (UPS), and cooling systems, to ensure that data centers can continue to run if another component fails.
Now, let’s dive into each tier!
Tier I
Tier I is a data center at its most basic level of availability. This first tier offers no guarantee of redundancy and at a minimum, offers data centers an UPS for power spikes, lags, and outages. Most small businesses and warehouses that lack around-the-clock operations with minimal power operate at a Tier I level. Tier I facilities operate on a single distribution path for power and cooling, which can easily be overloaded or fall susceptible to planned and unplanned disruptions. In return, Tier I offers 99.671% redundancy, meaning that there is a maximum of 28.8 hours of downtime per year, allowing a lot of vulnerable room for any kind of disruption and subsequent breach.
Tier II
Tier II facilities offer a bit more uptime, with a 99.741% rating, equaling no more than 22 hours of downtime per year. Like Tier I facilities, Tier II’s operate on a single distribution path for power and cooling but offer other options for maintenance and disruption mitigation. Some of these features include engine generators, cooling units, pumps, and heat rejection equipment. While not by much, this little bump in availability can guarantee data center’s reliability, but it still does not fully protect them from unexpected shutdowns.
Tier III
Unlike Tier I and II facilities, Tier III’s are generally utilized by larger businesses and offer more than one redundant distribution path, meaning that the infrastructure has the capacity and availability to fully support the IT load and offer backup to ensure performance and reliability. This spike in reliability allows for 99.982% of uptime, resulting in less than or equal to 1.6 hours of downtime per year.
While this tier is significantly more reliable, it is not completely fault tolerant. Tier III allows for routine maintenance without impacting service, but are still vulnerable to outages, spikes, and power lags.
Tier IV
Tier IV is the most sophisticated tier and is typically used by enterprise corporations. This tier offers twice the operational capacity (or 2N) as well as additional backup components (or +1), for ultimate reliability. In this tier, every critical component of the data center’s primary infrastructure is duplicated and fired at max capacity, meaning that even in a disruption, operations are able to continue.
Tier IV facilities offer a 99.995% uptime per year, or less than or equal to 26.3 minutes of downtime. While this level of classification can be the most expensive to implement, it is the one generally populated by government organizations and larger enterprise corporations.
Conclusion
The Uptime Institute’s Tier Classification demonstrates that in any data center setting and scale, it is absolutely vital to have redundancies in place in order to have the lowest amount of down time possible. Data centers should strive to reach the highest tier in order to maintain their high levels of performance, availability, and reliability.
In equal vitality, ultimate data center security also requires a detailed and clear data decommissioning program as part of their operations plan to ensure other safety, security, and operational safeguards are in place. The best way to achieve that level of security is with an in-house destruction plan for HDDs, SSDs, and other data center media types. When implemented improperly, data centers can fall subject to breaches and experience extreme financial loss and irredeemable public trust. At SEM, we offer NIST 800-88 compliant degaussers, crushers, and shredders that are versatile enough to fit in any environment and scale along with auditing and documentation systems.
Since our inception in 1967, SEM has served as the industry leader in high security, comprehensive end-of-life data destruction solutions that ensure the protection of sensitive, classified, and top secret information within the government, intelligence community, and commercial markets. Our solutions are specifically designed and manufactured to comply with the most frequently cited and stringent of regulatory requirements and compliance mandates, including the National Security Agency’s (NSA) Evaluated Product List (EPL) — which is used to determine if a data destruction device is approved to destroy the US Government’s top secret and classified materials.
Over the years, many data centers have pivoted to having the most secure data-decommissioning policy, in-house destruction. By using devices like the SEM 0300 shredder line, EMP1000-HS degausser, 2SSD, and iWitness documentation tool – data centers data is more secure than ever when the drives reach end of life.
The fact of the matter is: the further we get into the Digital Age, the more criticality there is in protecting our most sensitive of data. Corporations, businesses, and enterprises all require a data center that can deliver reliability comparable to their uptime requirements and an in-house data destruction plan.