Please ensure Javascript is enabled for purposes of website accessibility
CAC Logo White

Security & Policies

Protecting Your Data and Empowering Your Research

Welcome to the CAC’s Security and Policies overview. Our top priority is safeguarding your research data, and we are dedicated to providing enhanced data centre security standards.

With state-of-the-art facilities and robust security measures such as advanced access controls, encryption protocols, 24/7 monitoring, and physical security systems, we ensure the utmost protection for your valuable research data. Explore our comprehensive administrative, technical, and physical safeguards, along with our security policy, acceptable usage guidelines, and terms of service. Rest assured that your data is in safe hands, allowing you to focus on groundbreaking research with peace of mind.
  • CAC’s data centre and its infrastructure are designed and operated with security in mind.
  • Following the least privileged principle, physical access is controlled and limited to only a small number of select CAC staff.
  • The data centre has a controlled entrance for customers, with visitor sign-in and escort.
  • All CAC staff have regular criminal background checks.
  • All CAC staff sign non-disclosure agreements.
  • All CAC staff undergo regular security awareness training.
  • CAC staff with privileged access are given additional security training.
  • CAC maintains written and adapted Security Policies.
  • CAC ensures our clients are well informed. We follow incident-reporting procedures to handle issues related to security and privacy.
  • On-call staff for emergencies.
  • Sensitive data is transmitted using industry standard encryption technologies.
  • Our secure websites use certificates from Trusted Certificates Authorities and are configured to use strong protocols and ciphers.
  • VPN certificates use at least a 2048-bit key length and SHA2 as its hashing algorithm. Two-factor Authentication is used to protect VPN credentials, while AES-256 is used to encrypt tunnel traffic.
  • CAC manages dedicated firewalls used to provide secure boundaries for client networks.
  • CAC event management collects logs and statistics from core nodes.
  • CAC manages a next-generation backup system offering dual encrypted backups using IBM’s flagship product Spectrum Protect.
  • CAC conducts vulnerability assessments on core websites and services for clients.
  • CAC operates its facilities using defined security perimeters with entry control.
  • CAC’s data centre is equipped with large Uninterruptible Power Supply (UPS) systems in a (n+1) configuration.
  • CAC has an on-site 500KW Generator with 24 hours of fuel and a re-fueling strategy.
  • An FM-200 suppression system protects the infrastructure from the threat of fire.
  • We have multiple Air Conditioning units equipped with redundant compressors capable of maintaining the ideal temperature and humidity in the data centre.
  • Cameras record activity in the data centre and maintain recordings for at least 90 days (about 3 months).
  • We have 24/7 third party monitoring for security and environmental alarms such as intrusion, fire, heat, humidity, and water.
  • CAC’s data centre has 10GB network connectivity including links to ORION, and multiple commercial Internet providers.