Risk assessments come in many forms, but the underlying purpose is to identify and document known risks to a given process or system and identify the consequences if that risk were to occur. With the risks both identified and quantified, an organizational response can be developed to either mitigate the risk from materializing in the first place or proactively putting solutions in place to minimize the negative impact should it occur.
At Datotel, we help our clients through this process of collating the known risks that are typically only found in the heads of their employees and distilling them into a documented form. Once documented, it’s much easier for the organization to address the risk and put plans in place to address them in a proactive manner. We focus predominantly on the data, systems and infrastructure itself to ensure security, confidentiality, data integrity, privacy and availability.
The goals of this process is to place the organization in a more proactive position to manage their risks and minimize their financial and reputation loss to the organization. Of course, this isn’t just a once and done exercise, but rather a methodology that produces ongoing deliverables to be executed to upon a given schedule.
For more information on our approach to risk assessments and how to conduct one at your organization, please contact us.
Here at Datotel and the Globe Building, we’ve recently completed some updates that we’re excited to share with you. First, we are excited to share with you the revamped Datotel logo. As our company has evolved and grown over the last decade, we came to realize that the symbolism that represented us in 2004 is not the same that represents us today. So we re-imagined our visual statement with an identity that is sophisticated, hip and modern. At first glance, you may just see Datotel with a funky “E”, but to us it represents power, growth, energy, cloud, colocation and so much more.
When you next visit the Globe Building, you’ll certainly note some of the more cosmetic modernization. From the improved garage lighting and the new parking space layout through to the updated elevator finishes. Likewise, gone are the tiles on the 3rd floor, replaced with the original concrete floor. Modernized and polished to a very hip, cool and shiny finish. We’re glad to have you check out our new look as you come to visit our offices.
But, for as cool as the lobby, floor and lighting are, what’s more important are the items you may not see on every visit. Such as the upgrades in physical security and access control. The common areas and stairwells now have new cage doors and automated access control has been put in place for an additional layer of security and compliance.
The last improvement is one that we are most excited to share. Our building garage has always been available 24×7, but the new automated badge based entry system will allow a more streamlined access for our clients in off hours. No longer will you need to call our NOC for entry after business hours, the secure door will open with your Datotel Security Badge. And I must add that the aesthetics of the new entry ways are now in keeping with the modern look of the building lobby that was updated earlier in the year.
Of course the easiest way to see the improvements are to come and see them in person. We’d love to give you a tour and show you around the building.
A common challenge for IT departments in today’s business environment is keeping up with the demands of the business. How can we ensure that our client’s data is protected and systems are reliable and available? All the while implementing modifications and upgraded environments in a time frame that doesn’t slow the business down.
To help to address this challenge at Datotel, we’ve adopted an agile philosophy called the Scrum methodology. Scrum is an approach defined by set roles, responsibilities and recurring meetings that don’t change. Through an iterative process focused around sprints, which normally last around two weeks, the Scrum team delivers on defined set of project outcomes on a regular basis.
While initially conceived for the software development industry, we’ve found that the agile methodology behind Scrum applies equally as well to both the project and operational aspects of what we do at Datotel. The general principles of the Scrum methodology are:
- Customer satisfaction is the highest priority.
- Open to changing requirements, at all stages of the project.
- Faster turn-around.
- Built on a foundation of teamwork
- Full leadership support to provide the team with the environment and support they need to get the job done.
- Conveying information to and within a development team via face-to-face conversation.
- Measuring progress through working environments and deliverable delivery.
- Maintaining a constant pace indefinitely, the Scrum process promotes sustainable development.
- Around-the-clock attention to technical excellence and good design.
- Ease, the art of “working smarter” is essential.
- Self-organizing teams, the best solutions, requirements and designs emerge from this structure.
- Adjusting behavior at regular intervals. The team can then reflect on how to become more effective, and fine-tune accordingly.
Ultimately, by using Scrum, we are able to provide our clients:
- Faster implementation
- More efficient delivery mechanism
- Flexibility with regards to change requirements
- Earlier deployment for parts of the solution
- Finding problems/blockers early so we can tackle them sooner
When you outsource elements of your IT support and environment, how do you know the partner you have chosen is operating soundly, efficiently and not exposing your data and systems to unwanted risk? It’s a bit like choosing to go on a trip with someone that has passed their driving test versus someone that just tells you they are a good driver, with no valid license. It sure is comforting to know the driver has demonstrated to an independent 3rd party that they know what they’re doing.
To solve this problem in the IT space, the American Institute of Certified Public Accountants (AICPA) developed an auditing standard SSAE16 (Statement on Standards for Attestation Engagements) SOC2 (Service Organization Control 2) through which organizations such as Datotel could demonstrate through an independent CPA auditing and attesting that not only do they have the necessary controls and processes in place, but that they are adequate, sound and being adhered to. The result is an annual report that you as the client can request that give assurances that you and your IT systems are in good hands.
This level of auditing shows a high level of discipline in the IT organization and means real and tangible positive differences for you and your organization versus working with a vendor that doesn’t subject themselves to these higher standards. It demonstrates the ability to mitigate security, reliability and availability risks, lowers your risk of outages, system performance issues, data loss and leads to an overall improved quality of operation. Armed with this information why would you choose a partner without this level of audit?
As I mentioned earlier an important distinction to look for in the report is to ensure the partner has gone through the Type 2 audit and not stopped after completing the initial Type 1 requirements. The former simply lets you know what controls are in place in the organization whereas the Type 2 audit not only examines what the controls are, but ensures that they are being followed. A big difference. Secondly make sure the report has covered all areas of the business and not been limited to just one service offering such as colocation space.
Datotel’s SSAE16 SOC2 Type 2 certification indicates that processes, procedures and controls adopted by Datotel have been formally evaluated and tested by an independent accounting and auditing firm. Datotel has been SAS70 certified since 2007 and subsequently SSAE16 certified since 2012 across all lines of business from Colocation to Managed Services, Cloud Services and Service Desk.