Why use an offsite storage service?
There are many reasons to use this type of service:
Regulatory requirements: From listed companies who fall under the auspices of APRA, to other Australian companies who have a privacy responsibility, to U.S. company subsidiaries operating in Australia who must conform to the SOX Act, offsite storage fulfils the audit, process and disaster recovery requirements.
IT Disaster Recovery: The majority of companies rely on their computer systems to run the day to day business functions. If their computer systems are not operating, these businesses often stop functioning. The key to the quick recovery of all computer systems is timely recovery of the systems data. TMS stores this data for safe and timely recovery.
Backup control: Often IT departments have major problems managing the various backup cycles of many servers. TMS automates this function, ensuring that IT staff can get on with more important functions.
Peace of mind: Business owners, Directors, IT Managers and IT staff, are all concerned about the recoverability of their computer data. This issue is paramount for business survival and often job retention.
What security is in place to retrieve media?
TMS obtain "authorised signatories" from our customers, these consist of 3 security levels depending on the responsibilities of these staff. In addition customers have TapeTrack user i.d.’s for online access and a verbal password to use when retrieving media (not online).
What precautions do you take to prevent harm to the tapes in case of fire?
Fire security, similar to physical security relies upon layers of protection, starting from the outside of the building, working our way inside the vault.
It is also worthwhile mentioning here that tapes do not burn. The real danger from a vault fire is the adjoining building risks and combustible materials sometimes stored in a Vault. (Please note that TMS does not have any adjoining building risks or store combustible material in our Vaults). If you are investigating using a vault service, ensure that you investigate what is above the vault and check that there are no other tenants in the same building. If there are, ensure they do not store combustible material and also check what buildings adjoin the vault. For example, storage facilities and electrical sub stations could be gauged a risk by a Risk Assessor.
As an example of our fire protection, TMS' Sydney facility has double brick external construction. The vault is a room inside a room. There are no windows into the vault. External windows are protected by break glass detectors and or security bars and fire sensors. The building has two layers of smoke detection, office detectors, and in the vault VESDA smoke detection (Very Early Smoke Detection Appliance). Fire suppression is provided by a FM200 Fire Suppression system and handheld extinguishers, which are positioned to comply with AS 2444-2001 and AS 1851.1 – 1995. There are no paper products stored in the vault. Paper disaster recovery documents are stored in a separate fire proof room.
What measures are there to ensure that there is no moisture in the tape storage area?
Our vault air conditioning system is humidity controlled to 40% +/- 5% R.H. humidity.
How are the tapes stored? Are they kept together? How are they catalogued and retrieved?
Tapes are stored as per AS3636.4 (Australian Standard for tape storage). Tapes are stored in either slot or box locations in our vault, depending on customer requirements. As a general rule, we recommend slot storage for greater flexibility with retrievals. With Slot storage, tapes are stored in a purpose built tape rack; they are stored upright and in their own physical slot. The tape is barcoded and scanned into and out of the numbered slot by TMS staff. With Box storage, the tapes are stored in a purpose built tape box; the box is stored in racks, barcoded and scanned into and out of the numbered box rack. Regardless of the storage method used, tapes or boxes are catalogued by our vault management software called TapeTrack.
Are records kept to show when you receive our tapes and when you send them back?
This is done by automating the tape cycling and recording this in an audit trail. During the Implementation of each new customer, our Operations Manager personally sits with each customer to understand their tape cycling and this is then coded into the TapeTrack software which fully automates the tape cycling.
Cycling automation is done once only and the customer never has to worry about tape cycling again. An audit trail is created for the life of a tape and every tape “move” is tracked and audited by TapeTrack. If customers use a TMS (Tape Management Software) system, we encourage them to give us a TMS import file on a daily basis to automate the tape cycling process.
In the event of a major disaster (i.e. earthquake, terrorism, something that compromises this facility) what happens? How safe is our data? Can it be retrieved if something like this happens?
The key to answering this question is Risk Mitigation. TMS mitigated the risk by firstly, having our vaults located in commercial or light industrial areas. Assessments by our customers internal and external auditors confirms that we are in a low risk areas, with no adjoining or adjacent risks. Auditor assessment also covers our internal processes and procedures for things such as fire evacuation, security process, staff training, password control etc. In addition, TMS has a Business and IT DR Plan which is tested on a six 6 monthly basis. TMS' DR plan is reviewed annually by our Financial Institution customers who are required by APRA to ensure that their Key suppliers DR plans are in place.
The DR Plan is available to view under supervision by a TMS staff member while onsite for a vault inspection. Site inspections are subject to a Non Disclosure Agreement being signed.
What condition are the tapes stored in when in transit to and from our site?
The key here is to ensure that tapes travel from our vaults, in our vans and back to the customer with a minimal fluctuation in temperature. TMS does this by firstly packing the tapes in padded and or insulated transportation boxes or satchels. These then leave our vaults and are taken directly by our climate controlled, refrigerated air conditioned vans, to be delivered to the customer. The vault and van temperatures are monitored at all times.
What are your hours of operation? If we have an emergency and need something in the middle of the night, when is the soonest we can get it?
TMS operates 24 hours a day, 7 days a week. We offer a 1 hour delivery service level for all customers, at any time 24 X 365.
How do you ensure my (urgent) call goes to support staff after hours?
The vaults are manned continually by Operations staff to various times, depending on the day. The TMS 1300 303 587, 24 hour support number, automatically escalates to a paging service, which has our detailed and well documented Escalation Process in place to ensure a support staff member always gets your call. Our 1 hour service level, starts from the time of your call, so we must be able to respond quickly. The Escalation Process is the key to our 1 hour response and service level. It is tested regularly and works.
What site security measures do you have? (e.g. security guards, CCTV)?
Physical security is established using a layered approach, with each layer having a combination of physical and logical security protection. Firstly, our buildings are unmarked; we not publish the address, nor is the address in any legal documents. Externally the building is double brick construction for the outer perimeter, monitored by CCTV cameras. External doors are physically hardened with biometric access control (finger scan). Alarm systems have a combination of door, window and movement detectors, depending on the layer. Alarm systems are maintained and have maintenance agreements in place. The buildings are randomly patrolled by a third party security company. (Much of this information has been sanitised for security reasons).
Biometric scanners, can they be "hacked" like Myth Busters claim they did?
Myth Busers did in fact access the biometric system they used for their program. This program created major concern in the biometric industry and the Biometric Institute published a formal response. The Biometric Institute stated their were some fundamental flaws in Mth Busters approach:
Myth Busters obtained the cooperation of the owner of the donor finger (this would normally not happen in real life)
They then obtained 12 positive and 12 negative finger prints off him, which is also time consuming and unrealistic.
The biometric reader was set to read at a very low 3 minutia points. The FBI standard and TMS' units are set to 17
Further information regarding Biometrics is avaialbe from the minutia point link above.
The hierarchy of bytes:
One page of computer text requires 2 kilobytes of storage. The average document image requires 50 lilobytes of storage.
|1,000 kilobytes||= 1 megabyte||= 20 document images or 500 pages||= 10 to the power of 6|
|1,000 megabytes||= 1 gigabyte||= 20,000 images or 500,000 pages||= 10 to the power of 9|
|1,000 gigabytes||= 1 terabyte||= 20 million images or 500 million pages||= 10 to the power of 12|
|1,000 terabytes||= 1 petabyte||= 20 billion images or 500 billion pages||= 10 to the power of 15|
|1,000 petabytes||= 1 exabyte||= 20 trillion images or 500 trillion pages||= 10 to the power of 18|
|1,000 exabytes||= 1 zettabyte||= 20 quadrillion images or 500 quadrillion pages||= 10 to the power of 21|
|1,000 zettabytes||= 1 yottabyte||= 20 quintillion images or 500 quintillion pages||= 10 to the power of 24|
Courtesy of StorageTek, Data Storage New Prospects. New Perspectives, a paper by Fred Moore, Corporate Vice President of Strategic Marketing