Data center certification to build trust and foster attractiveness
Service continuity, security, and, more recently, environmental performance: data centers are at the heart of the digital transition and must increasingly prove their operational excellence. Obtaining certification is gradually becoming an essential step for their operators to meet the needs of stakeholders like investors, local authorities, businesses, clients, and users.
From service continuity to environmental performance
As the backbone of the information system, data center must above all guarantee stakeholders the highest level of availability. If service is disrupted after a breakdown, the indirect costs (related to the unavailability of hosted applications) greatly exceed direct costs (repair and return to service). Breakdowns can have several causes: a design flaw or defective equipment, human error, a cyber-attack, or a malicious act. To prevent breakdowns, it is therefore essential to have a global view of the risks related to data center operations.
Meanwhile, the issue of environmental and energy performance has become a major concern for organizations for both economic and ecological reasons. Energy expenses represent around 50% of the total cost of owning data center infrastructure. Additionally, society’s expectations have increased to the extent that companies are now seeking to reduce their data centers’ environmental footprint.
Guidelines and best practices to follow
There is a certain number of standards that can be used to implement the best practices in service continuity, security, and environmental performance. These standards can be either generic and applicable to data centers such as the ISO standards (14001, 50001, 27001), specific to data centers (Uptime Institute, Code of Conduct, etc.), or specific to certain hosted activities and data (HDS for health data, PCI-DSS for banking data, etc.).
These various standards are mostly used as best practice guides to design, build, and operate data centers. They also make it possible to structure activities and build momentum for continuous improvement and risk management. However, only certification, which is granted by independent experts, guarantees that all the requirements are indeed respected.
Data center certification: a market in the midst of change
In France, historically, only very large hosting companies undertook certification programs. But today, to meet market requirements and stakeholder expectations, this type of project extends to all types of players (public and private) and hosts (colocation, in-house, cloud) and concerns data centers of all sizes. While HDS and PCI-DSS certifications are mandatory for data centers that host health or banking data respectively, other sectors have a wider range of certifications to choose from that can vary depending on the objectives and stakes of each company: operational excellence, differentiation from the competition, or an improved image, attractiveness, or extra-financial performance. Certification then provides tangible evidence that can be used to attract new clients, talent, and even investors.
No compromises: working toward multi-certification
However, a trend is emerging, particularly among digital players: they have become aware that there can be no compromise between operational excellence, IT security, and environmental performance. That is why the industry is trending toward multi-certification and implementing integrated management systems to jointly manage all subjects.
Since most players already rely on standards, one or more certifications can be obtained within 8 to 12 months, on average. Furthermore, investment in this process may be eligible for incentives, for example from ADEME for environmental certifications.
In any case, it is certain that technological, political, and social changes will impact the requirements set in certification standards that reassure all stakeholders at all levels that their expectations are met. Whether or not the choice is made to go for certification, it is now a matter of initiating approaches to achieve excellence in the three areas in parallel: continuity of service, safety and environmental performance.
By Caroline Vateau, Director of the Sustainable IT Department, and Nicolas Becquet, APL Project Director.