Why The Bunker?

The Bunker provides Ultra Secure Managed Hosting, Colocation and IT Outsourcing from within Europe’s most secure Data Centres which are outside the M25 yet within easy reach of London

Because security doesn’t come in a box

Security is our way of thinking and comes from the way our organisation and the individuals within it behave and think about security ; it is our first thought not our last, a mindset – the DNA of our organisation – the company culture. We consider everything outside the client firewall as hostile; even our own core network , we will encrypt wherever we are able. Simply put, we make everything as secure as we can and then consider it insecure and clients know that whatever we do, we will think security first.

We think about security from three distinct perspectives: Physical, Digital and Human. Our label for this approach is The Bunker Protocol™ and we apply it to everything we do.  It’s proprietary and unique to Bunker-built systems. It’s been developed as a result of our deep experience in delivering secure application environments, our contributions to the internet security industry, and our military heritage. The Bunker Protocol™ framework comprises of three parts:

• Military-Grade Data Centres – in Bunkers outside the M25 in Kent and our mirror facility in Newbury, both protected by integrated processes for physical, digital and human security allowing no unescorted access.

• Hardened Source™ – our unique combination of open source and proprietary technologies built and integrated in-house by staff vetted, security cleared and trained to adopt the process and culture that underpins Bunker Security.

• Flexible Support™ -  our services desk uses ITIL v3 best practices for all cases, but you decide what amount of incident management is appropriate to your in-house skill set and business processes

Our People

Ben Laurie was the founder of our culture and sits on the Security Council today. Ben is acknowledged as one of the foremost computer security experts in the world. He is the creator of Apache-SSL – the web’s de-facto secure web server application, and a core team member of Open SSL – the world’s most widely used cryptographic library. He is author of ‘Apache: The Definitive Guide,’ is a founding director of Apache Software Foundation (ASF) and the Head of the ASF Security Team.

All new job applicants voluntarily undergo an intensive security screening and CRB check carried out by an approved specialist company. Only after the formal report is received is the employment confirmed. During this probationary period, new staff have restricted and supervised access to facilities and systems.

The Bunker operates an internal training program. At interview, new starters are assessed by senior technical staff.  This information is recorded into The Bunkers training database at both an individual and departmental level.

Security Council

The Bunker Security Council manages policy and The Bunker approved software suite. A copy of The Bunker security policy is available upon request

Building secure systems

Our unique combination of open source and proprietary technologies built and integrated in-house. Our technical team will never accept default settings on any systems. We take every system specification, deconstruct it and custom build it to provide a secure system that’s fit for purpose. Security isn’t bolted on; it’s engrained in.

Because of our facilities

The Bunker owns and manages its Data Centres; amongst the most secure in Europe. Our Data Centres are housed within purpose built nuclear bomb proof military specified fortresses. This unequalled level of security and redundancy is coupled with the ability to support high levels of power and cooling and stringent access control procedures.

This means we manage the infrastructure and everything that goes on inside the facilities. It means we can offer complete flexibility in the size of suites or cages, power density and connectivity. It also means we have complete control. Control over power, cooling, access, maintenance and of course prices. And as you would expect from The Bunker, we control the security, which you will probably know is second to none.

Our facilities benefit from 3m thick reinforced concrete walls, solid steel doors, CCTV system with 24-hour video recording, visual verification of all persons entering the data floor, no unescorted access, Electro Magnetic Pulse Protection, Tempest RFI intrusion protection, , shared or dedicated partitioned areas redundant power, cooling and carrier neutral connectivity.

Our Data centres are based outside London. Whereas London is the second largest Internet Exchange in the world, unfortunately London is also one of the highest risk cities in the world. Flood, terrorism, theft and power are all real and present threats.

Some facts to dwell on:

• Since the terrorist attacks on London the national security level has not fallen below severe.
• The Financial Times reported that Scotland Yard uncovered evidence that Al-Qaeda had been plotting to bring down the internet in Britain.
• A Kings Cross Data Centre was robbed by thieves impersonating policemen who tied up security guards and stole over £2 million worth of equipment. The Metropolitan Police
• The amount of power shortages within London are reported to be on the increase and with the Olympics just around the corner this trend is set to become ever more common place. Datamonitor.com.
• London Resilience reported that during the summer of 2007, 12 out of the 33 London boroughs were affected by flooding.

Because of our technical service

The Bunker’s has a wealth of technical expertise on site 24/7/365 which may be applied to your system design, build and ongoing management. This expertise is also available to be contracted for specific projects or to supplement your own team at times of exceptional demand or on an ongoing basis.

The Bunker has its own MPLS enabled, fully resilient, redundant, multi-homed gigabit network. Clients may buy BGP, MPLS and VPN services from The Bunker or use their own network capabilities based on individual requirements. The Bunker operates on a Carrier Neutral basis, which means that you are not tied to any single provider for your connectivity.

Our service is proactive, high quality, sometimes innovative, but always practical, responsive and secure.  We never forget the enormous trust our clients vest in us.  As an organisation we understand that our success relies upon our reputation, and our reputation is earned by continuing to fulfil this trust and afford peace of mind.

The Bunker follows ITILv3 best practice guidelines and our project managers are Prince II qualified. Together with the disciplines practiced and independently audited as part of our accreditations, this provides a process framework that balances risk and mitigation with excellent service management standards – a balance our customers expect from a security focussed service organisation.

Because we understand risk

The Bunker is ISO27001 accredited and PCI DSS compliant.  The Bunker bears the BSI Kitemark. This is your assurance that our security and management procedures are regularly subjected to rigorous, independent testing to ensure that they comply with stringent standards for security, product performance and reliability.

The Bunker’s PCI DSS accreditation will help customers meet their own requirements when working towards PCI DSS compliance. The PCI DSS is a multifaceted security standard that requires applicants to demonstrate competencies across a range of disciplines including security management, policies, procedures, network architecture and software design.

The Bunker’s unique and proven approach to security has provided us the opportunity to add value to an exciting range of business critical projects for our clients. We have testimonials from many available upon request, however many of our clients come to us for security and understandably don’t wish to publicise their systems. We work with many household names within the Financial Services sector, as well as specialist ISVs, SaaS providers, security firms and a large range of Web Developers, protecting their business critical data and ensuring its available to those that need it, when they need it.

…and finally

Our mission is to provide clients who value a premium service built around security, the most secure data centre and managed services in the UK.  Our company combines unique physical environments with recognised excellence in digital security and Microsoft and Open Source solutions/technology.

We are a commercial organisation focused on adding value to our clients business.  Using a practical approach and drawing on our deep understanding of technology, we continually seek to reduce clients’ infrastructure costs whilst maintaining the highest levels of system security and availability.