PS-02 Redundancy Model
1. Overview
PS-02 Redundancy Model
| Designation |
Standard |
|
PS-02.01B
|
The cloud service is provided from at least two locations. The locations meet the security requirements of the cloud service provider (cf. PS-01) and are located in an adequate distance to each other to achieve operational redundancy and resilience.
Operational redundancy of the sites to each other in the sense of this criterion is given if based on the assessment of elementary risks at the site corresponding distances of the premises and buildings to these risks are maintained. Very extensive events which, due to their extent, could affect several sites of the same redundancy group simultaneously or in a timely manner (e.g. floods, earthquakes) are not considered.
There are cloud service providers who no longer address the issue of reliability of the cloud service on a physical level through redundancy from two independent locations, but through resilience. The cloud service is provided simultaneously from more than two locations. The underlying distributed data centre architecture ensures that the failure of a location or components of a location does not violate the defined availability criteria of the cloud service. Such an architecture can represent an alternative fulfilment (cf. Chapter 3.4.12) of the criterion. The tests and exercises on functionality required in the criterion also apply analogously to resilient architectures.
|
|
PS-02.02B
|
Operational redundancy is designed in a way that ensures that the availability requirements specified in the service level agreement are met.
Operational redundancy of the sites to each other in the sense of this criterion is given if based on the assessment of elementary risks at the site corresponding distances of the premises and buildings to these risks are maintained. Very extensive events which, due to their extent, could affect several sites of the same redundancy group simultaneously or in a timely manner (e.g. floods, earthquakes) are not considered.
There are cloud service providers who no longer address the issue of reliability of the cloud service on a physical level through redundancy from two independent locations, but through resilience. The cloud service is provided simultaneously from more than two locations. The underlying distributed data centre architecture ensures that the failure of a location or components of a location does not violate the defined availability criteria of the cloud service. Such an architecture can represent an alternative fulfilment (cf. Chapter 3.4.12) of the criterion. The tests and exercises on functionality required in the criterion also apply analogously to resilient architectures.
|
|
PS-02.03B
|
The effectiveness of the redundancy is checked at least annually by suitable tests and exercises (cf. BCM-04).
|
|
PS-02.01AS
|
The cloud service is provided from more than two locations. The locations meet the security requirements of the cloud service provider (cf. PS-01) and are located sufficiently far apart to achieve georedundancy and resilience. If two locations fail at the same time, at least one third location is still available to prevent a total service failure.
A georedundancy of the sites to each other in the sense of this criterion is given if a very extensive event at a site under no circumstances affects several sites of the same redundancy group simultaneously or promptly. The BSI publication 'Kriterien für die Standortwahl von Rechenzentren' (German for: 'Criteria for selecting the location of data centres', document only available in German) provides recommendations in this regard.
|
|
PS-02.02AS
|
The georedundancy is designed in a way that ensures that the availability requirements specified in the service level agreement are met.
A georedundancy of the sites to each other in the sense of this criterion is given if a very extensive event at a site under no circumstances affects several sites of the same redundancy group simultaneously or promptly. The BSI publication 'Kriterien für die Standortwahl von Rechenzentren' (German for: 'Criteria for selecting the location of data centres', document only available in German) provides recommendations in this regard.
|
|
PS-02 Supplementary Information - Complementary Customer Criteria
|
Cloud service customers ensure with suitable controls that the existing redundancy model of the cloud service provider and the evidence for the verification of the model comply with their own requirements for the availability and reliability of the cloud service.
|
1.1 References
1.2 Identified Requirements
1.2 Related Regulation
2. Identified Requirements
Requirements
| Source |
Requirement |
3. Related Regulations
Regulations
| Source |
Regulation |
|