Physical Security Controls

Site Location and Construction

The HSM and Activation Data are located in Tier III, SSAE-18 datacenters or stored in a two-person controlled safe located in a facility to which only Entrust-authorized personnel have access. Access to these facilities is restricted to personnel in Trusted Roles.

The computing facilities that host the Certificate issuance, revocation and status service components are provided by one or more Public Clouds. The physical security controls imposed on components residing within a Public Cloud are outside the scope of this CPS.

Physical Access

Two-person control is required for physical access to the HSM. Alarm mechanisms are used to notify security personnel of any violation of the rules for access to the HSM.

Power and Air Conditioning

The HSM is hosted in Tier III datacenters. The security zone is equipped with:

  • Filtered, conditioned power connected to an appropriately sized UPS and generator;

  • Heating, ventilation, and air conditioning appropriate for a commercial data processing facility; and

  • Emergency lighting.

The environmental controls conform to local standards and are appropriately secured to prevent unauthorized access and/or tampering with the equipment. Temperature control alarms and alerts are activated upon detection of threatening temperature conditions.

Water Exposures

The HSM is hosted in Tier III datacenters and is not in danger of exposure to water. No liquid, gas, exhaust, etc. pipes traverse the controlled space other than those directly required for the area's HVAC system and for the pre-action fire suppression system. Water pipes for the pre-action fire suppression system are only filled on the activation of multiple fire alarms.

Fire Prevention and Protection

The HSM is hosted in Tier III datacenters equipped with fire suppression mechanisms. The facility is fully wired for fire detection, alarm and suppression. Routine, frequent inspections of all systems are made to assure adequate operation.

Media Storage

All media is stored away from sources of heat and from obvious sources of water or other obvious hazards. Electromagnetic media (e.g. tapes) are stored away from obvious sources of strong magnetic fields.

Waste Disposal

Waste containing sensitive information shall be destroyed, such that the information is unrecoverable, prior to disposal. Media used to store sensitive data shall be destroyed, such that the information is unrecoverable, prior to disposal.

Off-Site Backup

Backups of the CA key material and CA databases, sufficient to recover from system failure, shall be made on a periodic schedule in accordance with disaster recovery requirements in section 5.7.