In this current world where informatization is rapidly progressing, information systems used by many users can be seen as social infrastructure. IT infrastructure that supports such systems requires sustainable quality maintenance, and thus ensuring environmental protection and control as well as information security has become more important than before. We spoke with Tsutomu Mizuko, who is responsible for facility management of the data centers, and Eri Uchida, who is responsible for supervising private cloud services, regarding the efforts of NRI, which has developed several data centers in Japan and has been providing cloud services.

Efforts to reduce environmental impact

Because data centers, cloud services, and other IT infrastructure are jointly used by many users, they can drastically reduce CO² emissions when compared to cases of individual users operating their own equivalent systems. In other words, it can be said that such a business model itself is contributing to the reduction of our environmental footprint. On the other hand, energy consumption of a consolidated IT infrastructure could not possibly be said to be low, and the IT infrastructure operated by NRI is no exception. In light of the foregoing, to fulfill its responsibilities as a business operator, in its daily operations and equipment design, NRI is generating various ideas for reducing its environmental impact.
For example, Tokyo Data Center I, which was completed in 2012, has adopted free cooling, which uses external air during the winter months for cooling, as well as solar power generation and a double deck system developed by NRI to achieve superior environmental performance. This double deck system is a system that completely separates the areas where computers are placed from areas where air conditioners, power supplies, and other maintenance equipment are installed, and uses pressure differences between the maintenance areas and computer areas to deliver cool air. By repeating demonstration experiments and obtaining patents, NRI has succeeded in drastically reducing the amount of power necessary to cool ICT equipment.
Through such activities, greenhouse gas emissions from NRI Group’s business activities in 2018 were38% less than the emission levels in 2013.

Operations that continue to maintain high control quality and security quality

In addition to taking the environment into account, for a safe and secure operation of IT infrastructure, it is extremely important to ensure control and information security. In particular, high-level control is necessary for financial systems. Based on guidelines issued by the institutions, standards are specified, risks are assessed regularly, and measures are carried out by NRI internally. Further, by independent organizations regularly conducting audits and assessments regarding such operations, and performing improvement processes, a high level of control and security quality is being ensured and maintained.
One example we can give is that NRI is not only deploying seismic isolation functions, power generation and power storage functions, reserve equipment, unauthorized intrusion prevention functions, and other equipment and functions, it is also routinely conducting inspections and training in terms of operations to ensure that such equipment and functions will work appropriately in an emergency. Regular training sessions that include large-scale failure drills are carried out at least 4,100 times a year. Further, NRI is continuing with its efforts to learn from risk detection activities and examples from other companies, establish rules and hands-on knowledge through training, and enhance and establish awareness regarding control and security quality.

Obtainment of many international certifications

As a result of such activities, NRI has obtained numerous international certifications. In 2014, NRI received the M&O stamp of approval, the first in Japan. This certification related to facility management and data center management was established by the Uptime Institute in the U.S., in light of a tendency even at facilities that satisfy standards for operational issues to occur and for services not to be provided at the expected level.
Further, as evidence that NRI’s internal control is performed properly, NRI has received SOC2 reports. These reports are assurances by an audit firm that internal control relating to entrusted services meets standards, and NRI has received this report every year from the perspective of availability and security. In addition to the foregoing, in relation to information security management systems, ISO/IEC 27001 and ISO/IEC 27017 certifications have been obtained.
Of course, obtainment of certifications in and of itself is not the goal, but NRI believes that its efforts to obtain such certifications will lead to even better PDCA and provision of a sustainable IT infrastructure.

Being a sustainable IT infrastructure

Regarding NRI’s efforts to reduce environmental impact, NRI is aiming to “derive 36% of the electricity used at the data centers from renewable energy by 2030”, and “derive all electricity used for business activities from renewable energy by 2050”. To realize such goals, it will not be sufficient to continue only with conventional energy conservation measures. Going forward, it will be necessary to consider how the energy derived will be used.

Further, to maintain and improve safe and secure quality, continuation of personnel development and fostering of an appropriate climate will remain crucial. Problems are not permitted in relation to data centers and cloud services that support societal infrastructure, and the situation is such that it would be difficult to learn from mistakes. In such an environment, how will we accumulate and continue to succeed knowledge and experience? NRI believes that it is important to continue with the various activities discussed earlier, utilize AI and big data, and further enhance quality.