Protecting Data Centers Begins By Getting Physical
Considerations for Data Center Security and Getting Personalized Solutions
March 23rd was International Data Center Day, an occasion to acknowledge and appreciate the important role that data centers play in our industries and societies. At SAGE, we understand the critical need to physically protect data centers, as they often house highly sensitive or confidential information, user or industry data, and help keep utilities and other essential services running.
As with any other industry or business, a lack of physical security can be just as hazardous to data centers as any other kind of vulnerability. We’ve worked with enough CIOs, CSOs, and VPs of IT to know that physical security is always a consideration for these leaders and their teams when creating a new data center or managing an existing one.
But we also know the limitations both time and budget presents these leaders. Sometimes staying up to date with the latest strategies, technologies, and options available can be a daunting task.
That’s why we wanted to take an opportunity, in honor of International Data Center Day, to talk about some of the physical security strategies and technologies available and how they might best be incorporated into an existing data center or one being designed or constructed.
One quick reminder: the following sections are not a comprehensive checklist or guide. Any security system that isn’t hyper-personalized to your specific needs is going to have holes and vulnerabilities.
The intent of the following is to help you think through some general considerations and give insight into technologies and strategies you may not have known about or forgotten.
Let’s start with physical locations.
Build In a Secured Location:
If you’re starting from scratch or looking for a site to establish as a data center, then building or finding the correct location should be a chief factor in your data center security. Some areas to avoid or which raise red flags are as follows:
· Locations built-in or around airport landing paths
· Locations near power plants
· Locations built on natural or man-made flood plains
· Locations centered or near earthquake fault lines
· Locations that share proximity to chemical facilities
· Locations based in Areas or geographies that experience natural disasters (tsunamis, wildfires, hurricanes, tornados, etc.) on a regular basis.
One way colocation providers are seeking to mitigate the above risks is by building their data centers underground. Underground data centers can sometimes be the safest place to build, assuming the infrastructure supports a personalized and wide-reaching security strategy. If a data center is being built underground, consider implementing real-time air quality monitoring.
Install Physical Barriers
The quickest way from point A to point B is still a straight line – thus, the best way to keep unwanted visitors and bad actors out of your data center is to create physical barriers to keep those looking to do harm from getting from point A (outside your facility) to point B (inside your facility).
Physical barriers like chain-link fences, 1 foot thick concrete walls, guardhouses and perimeter gates, lone-standing retaining walls, and underground housing for the most sensitive technologies should all be considered or utilized. Consider also installing crash-proof barriers that help maintain a 100-foot buffer zone around the facility’s site.
Lastly, there are perimeter security technology solutions (such as radar-based solutions) that can be implemented in conjunction with a fence or gate to notify security teams or police that someone has trespassed into a part of the site they shouldn’t have.
Limit Entry Points
Limiting entry points to the data center will significantly lower the risk of physical break-ins. Consider establishing a single primary entry point for customers and employees. Additionally, you could install a secondary entrance in the back of the data center for loading and unloading – but this should be equally secured.
Along with proper entrances and exits, keeping a close eye on these limited entry points is essential. Proper surveillance will allow the data center’s security team to know who has come and gone from the building and who is currently occupying it.
Security Technologies to Secure Data Centers
Data centers require specific and personalized security technology that best suits their needs, staffing, location, and kind of information being housed. That being said, there are some technologies and strategies that we recommend being implemented regardless of the facility.
The first of these is to install multiple checkpoints throughout the data center facility. A process should be implemented which allows staff and visitors to gain access to parts of the facility, which can include verifications such as:
· Presenting ID at check
· Visitors are given badges and unique pin
· Fingerprint scanning for tracking\verification
· Consider other biometric technologies like facial scan, retinal scan, etc.
· Individual rack or cage keys
· Offices, conference rooms, and private suite accessed by specific badge key card
Gaining access to the actual physical servers in the data center should be the most highly secured part of the process, with server cages being an almost universally good idea.
Surveillance Monitoring Systems
Video surveillance is one of the best tools at the disposal of any data center security team or manager. Having comprehensive, high-resolution video surveillance that monitors the exterior of the facility, as well as each of the individual rooms inside the facility, should be a high priority. It’s difficult to secure what you cannot see.
Having video surveillance accompanied by an extended archival period is also useful in case of a physical breach or to simply double-check any concerns or events which may happen onsite.
At SAGE, we also recommend that video surveillance be augmented by weapon detection and shot detection software. These systems and software can be retrofitted into many existing surveillance systems and lend themselves to SAGE’s belief that prevention is of higher importance than detection, though both are essential to keeping your data center safe.
Personalized Solutions Start With You
When you consider the safety of your data center, each individual piece working together as a holistic and highly integrated system will create the very best protection. Individual elements that are not part of the system, even if they are working efficiently, run the risk of being neglected or unsupported. Keep all aspects of the data center’s security in mind as you consider building or upgrading your current system – physical, access, surveillance, and so on.
Naturally, while all these measures can be highly effective, as we mentioned at the top, they mean little if they are not tailored to your facility’s specific needs. In the same way that you wouldn’t just adopt another industry’s network protocols to protect the data under your care, you shouldn’t trust that another company’s or facility’s security protocols are right for you.
SAGE Integration believes that the solution to any security challenge starts with you. And we believe it so much that we create long-standing relationships with our clients based on this fact. Because even once a system is in place, security is not “finished.” It should be carefully maintained and adapt over time to new challenges or needs or evolve with technology to keep a consistent level of protection.
So, if the time has come to make the physical security of your data center (or another kind of facility) a priority, then we’d love the opportunity to meet and learn what your needs are and how we might be able to help.
You can start that journey by clicking here.
We’re so grateful to those in the Data Center industry for working with and safeguarding some of our most valuable resources and information. We appreciate you!