Data Center Infrastructure
Iconixx operates a Tier IV, 2N data center with compliance for PCI, HIPAA, and SSAE 16 Type II.
- 190,000 square feet, reinforced poured concrete construction, including the roof, designed to handle winds of 200-plus miles per hour and windows designed to handle an impact of up to 150 miles per hour
- 61,000 square feet of raised floor (18” to 24”)
- Redundant HVAC with chilled water and backup chillers located on-site
- Air-handling monitoring for temperature, air quality, and humidity, 24/7, 365 days a year
- Smoke sensors above and below the raised floor
- Multistage production dry pipe system that requires alert from two sensors to activate pipe fill and a final stage, which activates when the temperature exceeds thresholds
- Dual cabling entrances into the building encased in four feet of concrete
Multiple CO redundancy and fiber access to primary carriers that:
- Run to two different local POPs
- Are provided by two different carriers
- Dual power grids from local power company with capacity for four megawatts of power at transformers
All power components are:
- 100 percent redundant (2N)
- Inside the building, including diesel generators
- Able to be maintained without loss of power
- Rotary-based UPS in 2N configuration (no batteries)
- Three diesel generators (1,250KW each)
- 6,750 gallons of fuel on-site with refueling contracts
- All power cabling on floors has waterproof casing with waterproof connectors to all equipment
All Iconixx building entrances require card key access. In addition:
- Primary computer areas require card key and biometric (IRIScan) authentication.
- More than 200 closed-circuit cameras cover the outside of the building, all entrances, and computer rooms.
- All cameras are taped on time-lapse recorders and stored for 90 days.
- At least two security guards are on-site at any time.
- The guard station is manned 24/7, 365 days a year, inside a bullet-resistant enclosure.
- All monitoring and alarm systems are on a UPS system within guard station.
All Iconixx firewalls are virtualized, with a redundant pair of Cisco firewalls in failover configuration.
Additional Firewall Security
Host-based Intrusion Detection (HIDS)
- HP OpenView
- GFI LanGuard
- Network Intrusion Detection (NID)
- Common appliance screens all incoming traffic
- Integrated with reports from firewall and device logs
- Event correlation and filtering
Database Layers and Isolation
Operational data schema
- Isolated customer schemas
- Designed and tuned for high transaction volumes
- Two-phase commit and rollback mechanisms
- Configurable and extensible
Reporting and data mart schema
- Separate from live calculations
- Designed for data retrieval performance
- Compensation, workflow, and HR data
- Scheduled, automatic population of schema
- Application user accounts are managed directly by customers.
- All user passwords are encrypted.
Password controls include:
- Minimum length
- Minimum number of lowercase characters
- Minimum number of uppercase characters
- Minimum number of symbols
- Password expiration period
- Prior password usage
- Automated password reset
- Automated password reset wait period
- Customer-specific Authentication (encrypted URL parameters)
- SAML 2.0
- On-demand uploads and downloads via application interface
- Web services
- 128-bit encrypted transfers
- Automated file uploads and downloads
- 1024-bit encrypted transfers
- Individual file encryption (like PGP) also supported