The need for compliance

Richard Banta, a grizzled veteran of compliance and President of Lifeline Data Centers, has earned numerous cybersecurity certifications throughout his career and worked in the technology industry for decades. “In the beginning of my career I completed security certification exams using a scantron and number two pencil,” said Rich. “It’s incredible to see how far cybersecurity compliance has come and how its necessity spans across every industry, worldwide.”

Lifeline, established in 2001 and located in the Midwest, is a leader in data center compliance, uptime and innovation. It provides data center and office real estate to companies who require uptime, connectivity and room for growth.

Rich is recognized as one of the two most credentialed data center professionals in the world and prides his company on being flexible and customizable, offering the absolute best customer experience. “We are extremely focused on relationships and ensuring all of our clients are happy,” said Rich. “A large component of customer satisfaction is safeguarding their most valuable asset, data.”

Being a trailblazer in the data center industry, he recognized the importance and growth of cybersecurity compliance and began exploring FedRAMP authorization.

Finding the best fit

In 2014, Rich began his search for an accredited FedRAMP Third Party Assessment Organization (3PAO) when A-LIGN was immediately recommended by a trusted colleague very familiar with FedRAMP.

“When I evaluated A-LIGN and performed my due diligence, I was pleasantly surprised by the competitive cost structure and friendly culture,” said Rich. “A-LIGN was priced at the same tier as other auditing firms who were producing less-than-impressive reports. At the time, A-LIGN was also fairly new to FedRAMP Readiness so while this was a learning experience for my team, the auditing firm was also honing their service.”

Rich and his team felt immediately at ease with A-LIGN’s leadership and federal experts and decided to move forward with the FedRAMP Readiness Assessment Report (RAR).

Earning FedRAMP “Ready” status

As soon as Lifeline chose A-LIGN as their auditing firm, they immediately kicked off the FedRAMP Readiness process. “From the moment we signed with A-LIGN, their staff has been incredibly personable, professional and knowledgeable,” said Rich. “In the event that we are assigned a different assessor than the previous year, there remains a level of continuity throughout the organization that makes my staff comfortable.”

As a leader of the company, Rich is no longer in the trenches, but regularly checks in with his staff to ensure their relationship with A-LIGN is running smoothly and the audits are going as planned. “I pay close attention to their non-verbal communication and read between the lines,” he explained. “My staff’s experience with A-LIGN has been universally positive.”

It’s no surprise that with Rich’s extensive background in technology, he found a great deal of value in A-LIGN’s audit automation and compliance management platform, A-SCEND. Being one of A-LIGN’s first FedRAMP clients, he was an early adopter of the software and feels technology made the auditing process less painful. “Even in the beginning stages of A-SCEND and sorting through all of the inevitable bugs, the software was still far better than anything else on the market,” said Rich. “Now using the newer version of A-SCEND, it’s incredible how far A-LIGN’s talented developers have come. The tracking mechanisms make the old days of manually managing evidence and artifacts seem like a distant memory.”

Adopting continuous compliance

Following their successful FedRAMP “Ready” status, Lifeline decided to further continue their compliance journey and pursue additional certifications. They briefly switched auditing firms and found the experience to be less than satisfying.

“We regretted switching auditors and returned to A-LIGN as soon as possible, said Rich.” Lifeline resumed their relationship with A-LIGN because they felt the firm treats them with dignity and respect. “It all goes back to the relationship; it’s personal, connected and cordial,” he said. “We have a wonderful working relationship with everyone from the leadership team, to the account manager, to the auditor, to the customer success manager.”

Continuing their compliance journey, Lifeline earned their SOC 2 Type 2 report and PCI AoC/RoC certification. Lifeline doubled down on securing their customer’s data by kicking off their ISO 27001 assessment process and was presented with a great deal of major findings. “Our first ISO 27001 audit was humbling to say the least,” said Richard. “I assumed we would pass with flying colors, but this was a great chance to fix our shortcomings and improve our security. The auditor did their job and did it well by finding opportunities for us to better secure our customer’s data.”

With Rich’s lead, Lifeline’s security team successfully earned their ISO 27001 registration. They actively continue their FedRAMP Assessments with A-LIGN but are still looking for a sponsor and therefore, not yet listed in the Marketplace.

A lasting relationship

With numerous compliance certifications under their belt, Lifeline plans to stick with A-LIGN as their auditing partner for the foreseeable future. “Working with A-LIGN is like working with Midwesterners,” said Rich. “The auditing firm is simultaneously professional, experienced, kind, positive and fair.”

Although Lifeline is rapidly growing and a leader in the industry, Rich and his co-founder remain part of the everyday business function. “We still sign all of our checks and A-LIGN’s is always done with a smile because we know the value that the firm brings to our company,” said Rich. “A-LIGN is an all-in-one compliance solution and we will continue to rely on them for auditing and readiness assessments for many years to come.”

Lifeline continues to stay in compliance and works with A-LIGN to conduct their PCI, ISO 27001 and SOC 2 certifications.

Next steps

To learn more about how A-LIGN can help your organization through a variety of cybersecurity compliance assessments and audits, please visit www.a-lign.com/services or complete this form and an A-LIGN expert will reach out to you within 24 hours.

About Lifeline Data Centers

Lifeline Data Centers provides outsourced, affordable, secure data center and cloud services with three locations across Indiana. Lifeline Data Centers and the founders are international leaders in data center compliance, uptime and innovation. Lifeline has served clients in healthcare, software, utilities, life sciences, cloud computing, government and more. The company has been awarded the federal government’s highest recognition for compliance meaning they are providing the most advanced, secure environments for data. For more information, visit https://lifelinedatacenters.com/.