Critical Environment Services

Stream Critical Environments Services deliver mission-critical operations and services for a wide range of buildings, from multi-tenant carrier hotels to free standing Tier IV data centers. Core teams of highly trained technicians expertly provide operational services across a combined portfolio of Stream-owned, as well as client-owned facilities.

Stream’s critical environments methodology focuses on all areas of service delivery ranging from health and safety, hiring and training, to process improvement, tools and systems. A commitment to comprehensive account management and 100% uptime ultimately optimizes total cost of data center ownership.

Critical Environments Services Brochure

Passion and commitment are key to success in this industry. Stream’s methodology is how we approach business, and our values represent the promises we make every day to team members and customers.

Contact Us Today
Expertise and Agility

Stream critical environments services methodology upholds five critical categories of oversight.

  • Governance
  • Operations
  • Tools
  • Training
  • Continuous Improvement

Through MEASURES, such as document control, financial reporting and RACI matrix models for identifying roles and responsibilities, Stream maintains strict governance over data center operations. Compliance with recognized standards including PCI, HIPPA, ISO, SSAE 16 (SOC 1 & 2.) Stream provides audit support against compliance related to data center operations, physical security, insurance standards, ISO 9001 and FM Global.

Expert DELIVERY of end-to-end data center services is the mission of Stream Critical Environments Services, including these and other mission-critical activities:

  • Critical facilities management
  • Critical plant and area labeling
  • Critical PPM tracking
  • Critical project handover
  • Critical service report review
  • Critical spare tracking
  • Critical systems availability
  • Critical systems software backup
  • Critical work packages
  • Deferred maintenance
  • Emergency response procedures
  • Energy procurement services
  • Financial management
  • Fire suppression impairment
  • Incident reporting and escalation
  • Physical security
  • Property and asset management
  • Recruiting
  • Remote hands services
  • Remote monitoring/NOC services
  • Risk management communication
  • Risk register
  • Root cause analysis and after
  • Rounds and reading
  • Shift handover
  • SOPs, MOPs and ERPs
  • Vendor procurement and supply

The systems it takes to efficiently manage mission-critical environments are key to maintaining uptime and security. Stream employs a wide range of tools and training designed to ensure uptime, and provide visibility of all activity inside one’s mission-critical environment.

  • Matters for critical incident escalation and communication
  • Avid, InstaQuote and Yardi for financial reporting
  • Building automation, EPMS and DCIM for building efficiencies and effectiveness
  • Online CMMS, customer ticketing systems, internal operations and availability portal

Stream provides PERSONAL DEVELOPMENT of staff through a robust training curriculum that is complemented by professional development and certifications, along with a well-defined career path. Stream’s Critical Engineering Training Academy provides a multi-level development life cycle for staff, improving employee skill sets and knowledge to minimize risk of failure or disruption in mission critical facilities. Through this training, an increased awareness of human factors improves human performance, prevents outage, injury or death, thereby increasing the bottom line. Stream’s assertive recruiting and retention policies attract and develop the right talent, while retaining a valuable and consistent workforce.

  • Critical Environment Training Academy (CETA)
  • DC Pro training courses
  • Human factors training
  • Qualifications cards for site systems
  • Safety champion programs
  • Staffing skillset analysis
  • Uptime ATS and CDCMP accreditations
  • Site specific vendor training

Expert DELIVERY of end-to-end data center services is the mission of Stream Critical Environments Services, including these and other mission-critical activities:

  • Lessons learned documentation
  • Efficiency survey and financial reporting
  • Asset verification, condition survey and life cycle reporting
  • Vendor innovation charter
  • Critical environment consulting services
  • Energy audits and cost reduction initiatives
  • Single point of failure and systems availability reporting
  • Critical disaster recovery and business continuity planning
Compliance & Certification

The Stream Data Centers is dedicated to continually improving and maintaining compliance certifications that are critical to our data center customers. To this end, Stream maintains relevant certifications and attestations.

The Stream Data Centers Critical Environments Services practice is dedicated to continually improving and maintaining compliance certifications that are critical to our data center customers.

Compliance and Certifications Details
Security Through Compliance

Through disciplined assessment and audit processes, Stream has implemented comprehensive practices for ISO/IEC 27001, PCI DSS, HIPAA/HITECH, FISMA-High, SSAE 18 (SOC 1 Type II), Type 2 AT 101/SOC 2, HITRUST and CSA STAR. Stream is also prepared to assist customers with obtaining their FEDRAMP certification.

  • ISO 27001
  • PCI DSS
  • HIPAA
  • FISMA
  • SSAE TYPE II
  • HITRUST
  • CSA STAR

International Organization for Standardization (ISO/IEC 27001) defines specific controls that should be in place for an organization to be certified as in
conformance with ISO 27001.

ISO 27001 is an International standard providing a model for establishing, operating, monitoring, and
improving an Information Security Management System (ISMS.)

The Payment Card Industry Data Security Standard (PCI DSS) was created to meet the rising threat to individuals’ payment card information. Compliance with PCI DSS is mandatory for all organizations dealing with credit, debit and ATM cards, as defined by the PCI Security Standards Council, which includes industry giants like Visa, MasterCard and American Express.

PCI DSS is a comprehensive set of standards requiring merchants and service providers that store, process or transmit customer payment card data to adhere to strict information security controls and processes. The standard comprises twelve requirements, which include the following:

  • Security management,
  • Policies and procedures,
  • Network architecture,
  • User access management,
  • Network and systems monitoring, and
  • Software development.

Stream Data Centers provides physical security access to customer equipment through a combination of management systems and physical access safeguards and procedures. Stream Data Centers does not monitor or have access to customer data, so applicability is only to physical security and management processes that govern physical security.

The Health Insurance Portability and Accountability Act (HIPAA) regulation impacts those in healthcare that exchange patient information electronically. HIPAA regulations were established to protect the integrity and security of health information, including protecting against unauthorized use or disclosure of the information.

HIPAA states that a security management process must exist in order to protect against “attempted or successful unauthorized access, use, disclosure, modification, or interference with system operations.” HIPAA sets the standard for protecting sensitive patient data. Data centers must have certain administrative, physical and technical safeguards in place, according to the U.S. Department of Health and Human Services.

With colocation experts and secure facilities, staffed 24×7, Stream Data Centers can support your HIPAA compliance needs. Stream Data Centers meets required physical and administrative security controls, supporting your HIPAA physical security compliance through the following deliverables:

  • Controlled secure facility,
  • 24/7 physical security monitoring,
  • Network architecture,
  • 90-Day video surveillance & retention,
  • Compliance base audit reports, and
  • Security incident response notification.

Compliance is a shared responsibility. Your company must address, implement and manage all other technical and administrative controls outside of physical safeguards.

Stream Data Centers completed an independent security assessment of the information security controls outlined in the National Institute of Standards and Technology (NIST) Special Publication 800-53 revision 3 (SP 800-53). NIST 800-53 outlines the controls that are required to comply with the Federal Information Security Management Act, or FISMA.

All government agencies, government contractors, and organizations that deal with and exchange data with government systems must follow FISMA compliance guidelines. Organizations have to monitor, retain and maintain audit records of all security events as per FISMA (Federal Information Security Management Act).

The objective of FISMA compliance is to ensure that Federal departments and agencies observe measures to mitigate the security risks to critical data.

For federal agencies to use the services of a provider, the services must be based in a FISMA-compliant data center that meets the stringent security requirements mandated by the Federal Information Security Management Act (FISMA). The National Institute of Standards and Technology (NIST) creates and maintains the specific security standards that agencies and their vendors are required to follow to remain compliant.

Agency compliance is ensured by the Office of Management and Budget (OMB), which each year reviews federal agencies’ IT programs to verify that they are FISMA compliant, whether hosted on or off-premises. The scope of the assessment included Stream Data Centers’ documented policies and procedures, as well as controls implemented for its data centers. The controls that made up the assessment were awareness and training, incident response, maintenance, physical and environmental, personal security, and risk assessment.

Statement on Standards for Attestation Engagements (SSAE) are attestation standards put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA). This report is intended to be relied upon by the financial statement auditors of Stream Data Centers customers. The SSAE assesses the physical security, environmental safeguards and network monitoring controls implemented by Stream Data Centers. Assessing these controls through the SSAE demonstrates Stream Data Centers’ commitment to the protection of all IT assets.

Statement on Standards for Attestation Engagements (SSAE) are attestation standards put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA). This report is intended to be relied upon by the financial statement auditors of Stream Data Centers customers. The SSAE assesses the physical security, environmental safeguards and network monitoring controls implemented by Stream Data Centers. Assessing these controls through the SSAE demonstrates Stream Data Centers’ commitment to the protection of all IT assets.

CSA Security, Trust and Assurance Registry (CSA STAR) is the industry’s most powerful program for security assurance in the cloud. STAR encompasses key principles of transparency, rigorous auditing and harmonization of standards, with continuous monitoring also available in late 2015. STAR certification provides multiple benefits, including indications of best practices and validation of security posture of cloud offerings.

Related Resources

Download Report

Special Reports

The Mission Critical Data Center

Learn how to create complete resiliency and compliance in critical environments, in this special report from Data Center Frontier.
Download Report

Download Case Study

Case Studies

Maintaining Uptime Throughout a 1,000-Year Storm

How Stream delivered complete access and availability during an unprecedented weather event.
Download Case Study

Download Brief

Executive Briefs

Cybersecurity: It’s More than Just Technology

How the roles of compliance and physical access ensure virtual security for the enterprise.
Download Brief

Download Brief

Compliance Briefs

Security Through Compliance

Stream Data Centers designs its facilities to comply with rigorous standards set by trade groups and certifying organizations, while maintaining relevant certifications and attestations.
Download Brief

Download White Paper

White Papers

Solving Problems for Mission-Critical Operations Through Best Practices & Expert Methods

Critical environment services maximize uptime without compromising health, safety or security.
Download White Paper