What do you ask your Hosting Provider?
Hosting is becoming increasingly essential to business. Your web page is often the first impression someone has of you, and email is rapidly becoming one of the most commonly used ways we talk to companies and companies talk to their customers. Keeping it up and safe isn’t something you just want, it’s required. Many of the things that are essential to keeping that running, are things you probably would never think of to ask. Having been in IT since the late 90’s and having worked both for companies that used hosting and did hosting I’ve seen what can go wrong, and what keeps things running even when they do. If I were looking for hosting, here’s what I would ask about.
1) How do you get your network connectivity?
This probably isn’t something you think about much at your home or office, at least until it fails. Thinking about what happens when things fail is the difference between an experienced hosting company and a consumer Internet Service Provider. Getting access to your host at all times is essential, and there are specific techniques to do this. Internet connections should enter the facilities from multiple directions. Connectivity should come from multiple providers.
2) How do you get your primary electricity?
Just like network connectivity, this not an issue for day-to-day operation, however having multiple sources for power is incredibly useful when there is a problem such as a tornado, ice storm, or even an auto accident. Ideally, power should come from multiple independent substations, so that an issue at one substation, or at any point along the power lines is unlikely to completely disrupt access to commercial power.
3) How is your cooling infrastructure designed?
All that power we use to run the computers and networking equipment brings with it another cost, and that cost is heat. Getting rid of that is important, because if the equipment becomes too hot it can be damaged or fail. Most systems will attempt to shut down safely, but if the temperature change is sudden it may not be able to. If the building cooling fails, the best case is your server goes down, but at worst it could be irrevocably damaged. Cooling systems should be redundant to deal with a failure, and have backup power. Cooling loads can be hard to size a generator for, so it’s important to know they are backed up.
4) What on-site backup power do you have?
Even with diverse commercial power, interruptions will happen. Most of these are rather brief, from minutes to a couple of hours, but even a second without power can bring your server down. The solution is to have on-site generation capacity and battery backups to hold the equipment over until the generators can take the load. These battery backups, also called “Uninterruptible Power Supplies” or UPSes, come in a variety of shapes, sizes, and types; from the small 800VA line-interactive unit you might run your desktop at home on to double-conversion units in excess of 1 million VA.
5) How do you handle data resiliency and backups?
Your data is important; you wouldn’t be paying to store it if it wasn’t. What happens when a hard drive fails, or that critical email about a big bid is accidentally deleted? There’s any number of things which can happen to your, and your hosting provider needs to have planned for them and be ready to quickly recover it for you it when it does.
6) How do you destroy data?
As much as keeping your data in perfect condition for the time you need it is important, making sure it’s really gone when you don’t is too. The Bureau of Justice Statistics reports that in 2014 7% of persons over the age of 16 had their identity stolen. One easy vector to get that information is buying decommissioned hardware, so a rigorous data destruction policy is important to keep yourself and your customers safe. No retired or damaged disk should ever leave the data center without having the media physically destroyed.
7) How are your facilities physically secured?
Do they do primarily generic co-location? Are personal from many different customers coming and going, or is it limited to just the provider’s employees? This is much like the previous question, it’s about protecting from people who might have malicious intent. Many facilities have co-location customers coming and going, left on their own for extended periods of time. If someone wanted to, they could cause great harm to the neighboring rack before anyone could do anything about it.
8) Can I call up with a problem and someone will be there to resolve it for me?
Things go wrong. As Prussian Field Marshal Helmuth von Molke famously noted, “No battle plan ever survives contact with the enemy.” That doesn’t mean there shouldn’t be plans and preparations made, but it does mean they will, inevitably, have to change, as the reality of the situation unfolds. In hosting, being able to adapt quickly requires being able to get a hold of someone who can make things happen in the data-center. When a problem arises the support staff being able to actually bring operations staff into the conversation can be essential.
This is not a complete list of the criteria you should use when selecting a hosting provider. Having a clear understanding of your service provider’s data center and operations infrastructure is essential to your data security, your business’s operations, and your peace of mind.