Security & Know Your Vendor

SECURITY & KNOW YOUR VENDOR

Protecting your data is our core business

Robust controls, as well as the prioritization of security and performance, is at the heart of our business.

Pioneering SaaS archiving

Two decades of providing cloud archiving, compliance, and legal solutions.

Your organization’s reputation and success are inextricably tied to the performance of your critical vendors. At Global Relay, we understand the important role vendor management and due diligence programs play in maintaining smooth business operations. Security, privacy, and confidentiality are fundamental drivers behind Global Relay’s services.

Global Relay Data Centers

We are committed to being a long-term partner in the success of your business. To that end, we have invested heavily in owning our entire technology stack. We control every aspect of our private cloud, from the software that powers our services, to the servers and networks on which these services run, to our primary data center.

Our ultra-secure, private green data center ensures we can meet the high standards our customers expect of us. A $60 million capital investment, this primary data center is a custom-built facility that we designed and operate from the ground up. It is mirrored with a secure co-location facility equipped with a dedicated Global Relay cage.

Mirrored, redundant, and secure.

The 200-rack, 5,000 server, 4-Megawatt capacity of our private data center provides unsurpassed scalability and performance to our 20,000+ customers.

Third-party verified business, operational, and security controls.

SOC 2 audits test and report on the design and operating effectiveness of non-financial internal controls at cloud vendors. These audits are based on Trust Service Principles that cover policies, communications, procedures, and monitoring.

Redundancy built-in

Network traffic is routed between two redundant Tier 1 ISPs with our mirrored data centers connected by redundant WANs. The primary data center is 100% fiber to the rack and our independently managed network uses active-passive redundant BGP routers.

Green Data Center

Our private green data centers ensure we meet the high standards our customers expect of us. This high-security facility demonstrates unwavering commitment to our customers and to the environment.

  • Powered by renewable hydro electric energy
  • Evaporative cooling systems
  • Redundant power, through flywheel UPS
  • Highly restricted facility access
  • 24×7 uniformed guard service
  • Electronic keycard access and biometric controls
  • Fire detection and suppression systems
  • Regular SOC2 audits

Operational Security

Cybersecurity Operations Center

Centralized security information and event management system (SIEM), collects and correlates logs in real time.

Risk Reduction

Targeted attack detection, and denial of service protections, keep data safe and available. 24 hourly scans and pre-release code reviews pre-empt threats.

Penetration Testing

Annual penetration testing by a third party auditor provides independent analysis of attack vectors and security vulnerabilities.

Recoverability

Highly secure, resilient, and scalable IT infrastructure in two mirrored data centers supports failover in the event of a disaster.

SOC2 audits

Vendor management and due diligence are best practices for all organizations. We engage third party auditors to conduct regular testing on our services, internal controls, and data centers. We make the resulting reports available to customers on request.

  • Global Relay’s services and multiple mirrored data centers undergo SOC2 audits at least annually.
  • Trust Service Principles cover security, availability and process integrity.

Network Security

Our rigorous approach protects the accessibility, integrity, and confidentiality of your data.

Host and network-based intrusion, detection, and prevention systems protect systems and services from attacks.

Legal Protections 

Customer data is kept confidential in accordance with our Master Terms of Service and data protection laws.
We own and operate all hardware and equipment used to provide services.