International Data Centre Standards
Strict adherence to these standards is a critical part of our service levels
As enterprises continue to grow their data and reliance on the online world, data maintenance, storage, accessibility, and connectivity become increasingly critical to business operations. This means it is essential that your data centre infrastructure partner meets a variety of compliance and information security standards. Teraco Data Environments, Africa’s interconnection and vendor-neutral data centre, has implemented strict controls to meet industry standards, enabling more than 570 local and global organisations to host their data and critical applications in our compliant colocation facilities. Teraco has, through experience in a continually evolving landscape, developed a comprehensive compliance programme that addresses the compliance needs and requirements of its clients’ most stringent requirements across all facilities.
Payment Card Industry Data Security Standards
A set of security standards formed in 2004 and governed by the Payment Card Industry Security Standards Council (PCI SSC), the compliance scheme aims to secure credit and debit card transactions against data theft and fraud.
The PCI Security Standards Council offers comprehensive standards and supporting materials to enhance data security for the payment card industry. These materials include a framework of specifications, tools, measurements and support resources to help organisations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process — including prevention, detection and appropriate reaction to security incidents.
Teraco is certified for the physical security requirements of PCI DSS.
International Organization for Standardization
ISO is the world’s largest developer of voluntary International Standards and provides state-of-the-art specifications for products, services and good practices. This enables industry to be more efficient and effective. Teraco obtains ISO certifications for all its data centre facilities. The Integrated Management System (IMS) assists with standardising operations and reducing risk and is an integral part of Teraco’s business model.
Our facilities are certified and under the following standards:
ISO/IEC 27001:2022 Standard
Information Security, Cybersecurity and Privacy Protection Management
ISO 27001 is an internationally recognised best practice framework that specifies the requirements for establishing, implementing, maintaining, and continually improving an Information Security, Cybersecurity and Privacy Protection Information Security Management System (ISMS). This systematic approach to managing sensitive company information, encompassing people, processes, and IT systems, is vital in ensuring the security and integrity of your data.
- Global standard: ISO 27001 is widely acknowledged as the de-facto standard for information security management.
- Demonstrated commitment: It showcases our clear commitment to information security management to third parties and stakeholders.
- Interoperability: ISO 27001 provides a framework for interoperability between organisations.
- Client confidence: It instils confidence in our clients and stakeholders regarding how we manage risks and minimise exposure.
- Compliance support: It aids in compliance with other standards.
- Consistency in service delivery: ISO 27001 creates consistency in our service delivery, ensuring a reliable and secure environment for your operations.
ISO 9001:2015 Standard
Quality Management Systems
ISO 9001 is a certified quality management system (QMS) for organisations who want to demonstrate their ability to consistently provide products and services that meet the needs of their customers and other relevant stakeholders.
- Optimising operation efficiencies
- Enhancing client satisfaction
- Identifying and encouraging more efficient, time saving processes
- Highlighting deficiencies
- Increasing standardisation across the portfolio
- Providing for continuous assessment and improvement
- Including provisions for business continuity
ISAE 3402 Type 2 Attestation
Information Security Management
Report on Controls at a Service Organisation Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.
Teraco has obtained the International Standard on Assurance Engagements ISAE 3402 Type 2 Attestation, for the trust principles of security and availability, for its data centres in South Africa. This supplements Teraco’s existing PCI DSS certification for physical security. Assessed by independent auditors, the ISAE examinations demonstrate Teraco’s commitment to the highest standards of operational excellence for its 570+ clients. Compliance sensitive clients, such as financial firms, healthcare industries and publicly traded enterprises, often require ISAE 3402 and PCI DSS reports to validate security and availability controls.
ISAE 3402 are internationally recognized standards that report on operational controls supporting the data centre services that Teraco provides to clients. The report focuses on an organisation’s services provided, along with supporting processes, policies, procedures, personnel and operational activities that constitute the core activities relevant to users.
Ecovadis Sustainability Rating
What is ESG’s score rating?
An ESG rating can be broken down into three categories which are typically interconnected:
The Environmental score of an ESG rating deals with factors that affect the natural environment such as carbon emissions, natural resources, energy efficiency, waste management, and raw material sourcing. Factors that can negatively affect the Environmental score are irresponsible management of materials and waste, toxic emissions, and a lack of sustainable sourcing.
The Social score of an ESG rating is determined by customer satisfaction, human rights, labor standards, diversity and inclusion, data security, and privacy. Opposition from stakeholders can arise from controversial sourcing and poor working conditions within the supply chain.
The Governance score in an ESG rating examines the operating practices and standards of a company.
To receive a high Governance score, a company must be:
- Consistently measuring and evaluating performance
- Maintaining regulatory relationships
- Practicing risk management
- Compensating for achieving ESG goals
Investors want to see companies that practice strong business ethics, as well as provide transparency for stakeholders, customers, and employees.
How does the ESG score work?
The ESG score works by compiling data about the subject and weighing the issues against a standard scale. The EcoVadis ESG score examines the performance of a company across several themes, taking into account emissions, human rights, procurement sustainability, and more.
Why is ESG investing important?
Investors are placing more importance on non-financial factors when it comes to the analytic process in order to identify risk and potential room for growth. An ESG score helps to identify where a company stands in regards to its environmental, social, and governance practices, which can be indicative of operations that bring risks to investors, customers, and the global community.
- ESG ratings help investors to evaluate risks within a supply chain, as well as help identify areas of improvement.
- A good ESG rating is a quick and standardized way for investors, customers, and employees to gauge where a company stands in terms of environmental, social, and governance practices.
VMware Zero Carbon Committed
VMware Zero Carbon Committed
Partnering for a sustainable future
VMware Zero Carbon Committed providers have set goals to power data centres with 100% renewable energy or achieve carbon neutrality on or before 2030.
*VMware Cloud Verified Providers who host their cloud platforms at the Teraco data centre facilities can leverage Teraco’s sustainability commitment to attain Zero Carbon Committed status.