Overview
This article outlines all of Vault's data and data center security policies, procedures, and certificates.
In this article:
- Data Center & Technical Infrastructure Security
- Data Security
- Change Management Policy
- Incident Response Policy
- Patch and Vulnerability Management Policy
- Certifications
Data Center & Technical Infrastructure Security
All data archived by the Web Archiving & Data Services division is stored in multiple copies in multiple data centers owned and operated independently by the Internet Archive. There are multiple geographically distributed primary data centers in the United States, primarily in California, with additional, smaller data centers in other parts of the United States, and data centers in Canada and Europe. All data centers are secure, with restricted, monitored access, security provisions, permanent on-site staffing, and other security and resilience best practices.
Internet Archive infrastructure security and sustainability measures include but are not limited to:
- Internet Archive ensures the physical security of the data repository through mechanisms such as controlled access, alarms, and fire protection.
- Security and monitoring of archived data is accomplished through a mix of internal and external systems; data integrity through internal routine tests; and system availability through the use of a commercial web service’s monitoring capabilities.
- IA maintains all data centers at ambient temperatures and humidity. This keeps power consumption down to the operational requirements of the racks (about 5 kilowatts each). IA also uses larger-capacity hard disk drives, which allow for more data storage per rack than in traditional data centers. Lower power consumption and higher storage density allow for an environmentally sustainable approach to infrastructure. Because IA owns and manages all its own data centers, it has no dependencies on commercial middlemen and third parties that may not support green-friendly infrastructure designs.
Data Security
Internet Archive ensures that appropriate business continuity and disaster recovery facilities are in place and are tested regularly. At least three copies of data will be hosted on dedicated machines within our multiple data centers and will be backed up on hardware in repositories in at least two geographically separate locations for the duration of the hosting. These multiple distributed data centers provide automatic failover to help lessen the likelihood of a planned or unplanned service outage, and allow Internet Archive to sustain an uptime of 99.7%. All data and hardware are continuously monitored for operational resiliency, and any data archived on behalf of institutional services is periodically audited for bit corruption via a recurring fixity check, in which a checksum is generated and verified against manifests of prior checksums. If a copy fails the fixity audit, the identified copy of the file will be replaced with an uncorrupted copy.
Internet Archive data security and integrity measures include but are not limited to:
- Security and monitoring of archived data is accomplished through a mix of internal and external systems; data integrity through internal routine tests; and system availability through the use of a commercial web service’s monitoring capabilities.
- Data is refreshed onto the physical media, and data integrity is maintained by digitally fingerprinting the content with a checksum, comparing it with a previous checksum, and rewriting the content to new blocks on a disk.
- Successes and failures to match expected results are logged, and appropriate individuals are notified in case of failure. Any reported problems are individually investigated, and our team repairs them by replacing failed hardware or restoring content from alternate copies.
- Incidents such as service outages or service performance parameters exceeding operating tolerances are detected, tracked on system support tools, and addressed promptly.
- Partners are notified in advance of any routine maintenance or system reconfiguration with the potential of service interruption.
- Internet Archive’s operations team and head of security monitor files and systems for malware, including zero-day events, using built-in facilities and tools. If any malware is detected in software systems, patches are applied to prevent further intrusions, any impacted virtual machines are wiped and reimaged, and any software is reinstalled.
Additional details on data protection can be found at IA’s Terms of Use and information on GDPR can be found in the related FAQs.
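The fixity audit and repair described in this section can be sketched as follows. This is an added example, not Internet Archive's code: it assumes SHA-256 checksums and one directory per replica, and the function names, the `dc0`..`dc2` directories and the `item.warc` file are hypothetical, constructed sample data.

```python
import hashlib, os, shutil, tempfile
from pathlib import Path

def sha256_of(path, chunk=1 << 20):
    """Stream the file so large archive files are never loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def audit_and_repair(manifest, replicas):
    """manifest: {file name: expected SHA-256 hex}; replicas: replica directories.
    Returns a log of (file name, replica name, status) for every copy checked."""
    log = []
    for name, expected in manifest.items():
        ok = {r: (r / name).is_file() and sha256_of(r / name) == expected
              for r in replicas}
        good = [r for r in replicas if ok[r]]
        for r in replicas:
            if ok[r]:
                log.append((name, r.name, "ok"))
            elif not good:
                # No copy matches the manifest: escalate, never overwrite.
                log.append((name, r.name, "unrecoverable"))
            else:
                tmp = r / (name + ".repair")
                shutil.copyfile(good[0] / name, tmp)
                # Verify the restored bytes before they replace the bad copy.
                if sha256_of(tmp) == expected:
                    os.replace(tmp, r / name)
                    log.append((name, r.name, "repaired"))
                else:
                    tmp.unlink()
                    log.append((name, r.name, "repair_failed"))
    return log

def demo():
    """Three constructed replicas: one intact, one corrupted, one missing."""
    root, data = Path(tempfile.mkdtemp()), b"constructed sample record\n"
    replicas = [root / f"dc{i}" for i in range(3)]
    for r in replicas:
        r.mkdir()
        (r / "item.warc").write_bytes(data)
    manifest = {"item.warc": hashlib.sha256(data).hexdigest()}
    (replicas[1] / "item.warc").write_bytes(b"constructed sample recorD\n")
    (replicas[2] / "item.warc").unlink()
    return audit_and_repair(manifest, replicas), audit_and_repair(manifest, replicas)

if __name__ == "__main__":
    print(demo())
```

The manifest is the trust anchor here: a copy is only ever replaced by bytes that hash to the manifest value, so the manifest of prior checksums has to be stored and protected separately from the replicas it audits.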
Change Management Policy
This change management policy outlines how Internet Archive manages and controls changes to its IT systems or infrastructure to minimize the risk of service disruption, security breaches, or other negative impacts. This policy establishes guidelines and procedures for the planning, implementation, and evaluation of changes to our core systems and infrastructure.
- Change Advisory Board: Our Change Advisory Board consists of the Founder/CEO, and the various Executive Leadership staff responsible for running digital services and products and for managing infrastructure and technical operations. This group is responsible for implementing and maintaining any significant IA changes or changes to this policy.
- Change Management Process: All changes to IT systems or infrastructure must be submitted as a request to the Change Advisory Board and must include a description of the change, the reason for the change, and the expected impact of the change. The Change Advisory Board (CAB) will assess the change request to determine the potential impact of the change and whether it is feasible to implement the change. If the change is deemed feasible, the CAB will review the change request and approve or reject the change based on its potential impact on the organization's IT systems or infrastructure. If the change is approved, the relevant teams will implement the change following a pre-defined change management plan, including testing and validation before the implementation, under the supervision of the relevant Director. After the change has been implemented, the change management team will evaluate the change's impact on the organization's IT systems or infrastructure.
- Change Management Responsibilities: All employees are responsible for following the change management policy, including submitting change requests through the proper channels and complying with change management procedures. All employees should receive training on the change management process policy and the procedures outlined in the policy. The change management team should receive additional training to ensure they have the necessary skills to manage changes effectively. The change management policy should be regularly tested and reviewed to ensure its effectiveness. The change management team should conduct regular evaluations of the policy's procedures and identify areas for improvement.
Incident Response Policy
This incident response policy establishes guidelines and procedures for the identification, response, and resolution of incidents affecting the organization's digital services.
Incident Response Process
- Identification: All incidents should be reported to the Internet Archive's Core Infrastructure and Operations team and its Infrastructure Security team. Incidents should be reported through Slack, Jira, email, and/or phone.
- Assessment: These teams will assess the severity of the incident to determine the appropriate response, contain the incident to prevent further damage or disruption to the organization's digital services, take steps to mitigate the impact of the incident, and work to restore normal service as quickly as possible. Once the incident has been resolved, a postmortem/retrospective will be conducted to identify areas for improvement.
- Executive Leadership: Executive leadership is responsible for approving the incident response policy and providing the necessary resources to ensure the policy's implementation.
- Training: All employees are responsible for reporting incidents to the incident response team and following the incident response policy's guidelines.
- Testing and Review: The incident response policy will be regularly tested and reviewed to ensure its effectiveness. The incident response team should conduct regular exercises to test the policy's procedures and identify areas for improvement.
Patch and Vulnerability Management Policy
The Patch and Vulnerability Management Policy applies to all personnel, contractors, and vendors who have access to the organization's digital infrastructure.
Patch Management: Internet Archive maintains a patch management process that includes the following steps:
- Identification of patches and updates for all systems, applications, and devices in the digital infrastructure.
- Testing of patches and updates in a controlled environment before deployment.
- Deployment of patches and updates in a timely manner.
- Verification of successful deployment of patches and updates.
- Monitoring of systems, applications, and devices for newly identified patches and updates.
- Maintaining an inventory of all systems, applications, and devices in the digital infrastructure and ensuring that all patches and updates are deployed in a timely manner.
Vulnerability Management: Internet Archive maintains a vulnerability management process that includes the following steps:
- Identification of vulnerabilities in all systems, applications, and devices in the digital infrastructure.
- Assessment of the risk associated with each vulnerability.
- Development of a remediation plan to address identified vulnerabilities based on the risk assessment.
- Implementation of the remediation plan.
- Verification of successful remediation of identified vulnerabilities.
- Conducting regular vulnerability scans of all systems, applications, and devices in the digital infrastructure.
Certifications
All IA data centers adhere to ISO/IEC 27001 (guided by ISO/IEC 22237), the typical datacenter/facilities certification, and some of these locations meet many common certifications, including: SSAE-18, SSAE-16 Type 2, SSAE-16 Type 1, SOC 2, SOC 1, NIST Cloud, FedRAMP, HIPAA, NIST 800-53, ISO 14001, ISO 90001, ISO 27001, PCI-DSS.
Internet Archive is in the process of seeking certification from CoreTrustSeal, which replaced the Data Seal of Approval in 2018. Internet Archive is in the process of researching certification for the Federal Risk and Authorization Management Program (FedRAMP), which provides a standardized approach to security authorizations for Cloud Service Offerings provided to the United States federal government.