DCTR-09

Is redundant power available for all data centers where institutional data will reside?

Explanation

This question is asking whether your data centers have backup power systems in place to ensure continuous operation during power outages or disruptions. Redundant power means having multiple independent power sources or backup systems that can take over if the primary power source fails. This typically includes components like: 1. Uninterruptible Power Supplies (UPS) - Battery systems that provide immediate backup power during brief outages 2. Backup generators - Longer-term power solutions that activate when main power is lost 3. Multiple power feeds - Independent connections to different parts of the power grid 4. Redundant power distribution units (PDUs) - Multiple paths for power delivery within the data center This question is asked in security assessments because power availability directly impacts system availability and data protection. Power outages can lead to: - Unplanned system shutdowns that may corrupt data - Security systems failing (physical and digital) - Breach of service level agreements (SLAs) - Inability to access critical systems during emergencies The best way to answer this question is to: 1. Clearly state whether redundant power exists in all data centers housing institutional data 2. Provide specific details about your redundant power infrastructure 3. Mention any relevant certifications (like Tier III/IV data center certification) 4. Note any testing procedures for your backup power systems 5. If you use third-party data centers, reference their power redundancy documentation

Example Responses

Example Response 1

Yes, all data centers housing institutional data have comprehensive redundant power systems Our primary data center maintains N+1 redundancy for all power systems, including dual power feeds from separate utility substations, multiple UPS systems with 30-minute runtime at full load, and diesel generators with 72-hour fuel capacity that automatically engage during extended outages All critical systems are connected to both primary and backup power distribution units We conduct monthly generator tests and quarterly full-facility power failover tests Our secondary data center has similar redundancy and is certified as a Tier IV facility by the Uptime Institute.

Example Response 2

Yes, we utilize AWS data centers for all institutional data storage and processing AWS maintains redundant power in all their facilities through multiple independent power sources, UPS systems, and backup generators Their data centers are designed with N+1 redundancy for power systems and are certified to various standards including ISO 27001 and SOC 2 AWS conducts regular testing of their backup power systems, and their infrastructure is designed to withstand utility power failures without impacting service availability We receive regular reports on their power system testing and have included their redundant power documentation in our attached AWS Shared Responsibility documentation.

Example Response 3

No, our current data center facility does not have fully redundant power for all systems We maintain UPS systems that provide 15 minutes of backup power for our most critical servers and network equipment, but we do not have generator backup We are in the process of migrating to a Tier III colocation facility with full power redundancy, with completion expected within the next 6 months In the interim, we have implemented graceful shutdown procedures to protect data integrity during power events and have prioritized our most critical systems for UPS coverage We can provide our migration timeline and the specifications of the new facility's power redundancy systems if needed.

Context

Tab: Infrastructure
Category: Datacenter