Guide To Data Centre Security
Discover more about data centre security and rack access control solutions
What is data centre security?
Data centre security covers a number of areas from the protection of data from external attacks to the physical access and protection of the facility and the services that it provides. At its core data centre security revolves around the protection and access to the data that it handles. Breaches in data centre security that result in stolen or lost data can result in heavy fines, loss of customers, high recovery costs and reputational damage.
What are the key data centre security issues?
There are a number of key data centre security issues that need to be considered to ensure the protection of the data stored with the data centre.
- Access To The Building – How secure is the access to the data centre itself? Could the facility be accessed by unauthorised personnel? How well controlled is the access to the data halls once inside the building? What measures are in place to track movement within the building?
- Access To Data – With increasing cyberattacks how secure is the stored data from hackers? Are firewalls, and protection software applications up to date? What about the physical security of the data? How well protected is the data from physical access at rack level?
- Data Protection – As well as the access to the data how well is the data protected in terms of privacy, and compliance to regulatory standards? In the case of hardware failures how secure is the stored data and how quickly can it be recovered?
- Redundancy – What redundancy does the data centre have to protect it from power failures, fire or natural disasters?
What data centre security tools are available?
There are a number of data centre security tools that can be applied to improve the overall security of a data centre. From the outside a low-level appearance that avoids branding the building as a data centre. Limiting the points of entry to a minimum, and where fire exits are required ensuring they only open outwards. Improving locks on doors and incorporating advanced entry systems like bio-metrics. And on the subject of doors making sure hinges are located internally to the room preventing pins from being removed. On entry to the data centre having systems in place that prevent ‘passback’ of credentials or tailgating, where someone will follow the person in front of them through the door before it closes. CCTV is a major data centre security tool, having plenty of cameras both externally and internally will play a major role as a deterrent. These can even be placed at rack level.
As well as the physical security, other data centre security tools to consider are those that prevent cyberattacks so ensuring firewalls, antivirus software, spam and spyware filters are all up to date and regularly checked.
Then there are the redundancy security tools to ensure uptime is maximised. Power systems can be protected through the use of Uninterruptable Power Supplies (UPS) and backup generators. Fire suppression systems that incorporate environmental monitoring systems and provide alerts when thresholds are breached, can help negate more serious issues.
How can you retain security within a data centre or data room?
You can retain security within a data centre or data room by ensuring that the correct systems to control access are implemented. The system should be able to track the movement of an individual and issue alerts when an unauthorised event happens. When such an alert is triggered actioning it rapidly be it enabling a CCTV camera, sounding a siren or alerting a security officer of a potential security breach. Other systems that monitor the environment of the data centre can help protect the expensive IT equipment from overheating reducing the risk of failure and costly downtime.
Data centre rack level security management?
Data centre rack level security management is often the weakest link in the physical data centre security puzzle. Entry to the data hall itself is usually very well protected through proximity cards, biometrics and CCTV, but once inside the data hall rack level security is often overlooked. Cabinet doors are often removed or left unlocked, and even locked cabinets are vulnerable. Most IT cabinet manufacturers use a standard key lock on their racks so having a key for one rack will probably unlock other racks from that same manufacturer. Without a proper data centre rack level security management system, the security of the data stored within is at risk from physical access by disgruntled employees or visiting engineers without any traceability.
At EDP Europe we offer data centre security solutions that provide advanced rack level security management enabling you to control access to individual rack doors and know when a rack was accessed, how long for and by whom. All of this data is recorded as an audit trail to meet growing regulatory and compliance requirements. In the event of an unauthorised event alerts can be sent. This rack access control system can be further enhanced by the use of biometric access cards that provide dual-authentication without the need of replacing existing card reader technology or managing biometric data. In addition to this, the rack access control system can incorporate in-rack CCTV that records both authorised and unauthorised events. This recorded footage can be viewed in real-time or historically and downloaded where required.
Security at specific asset level?
An area often overlooked in data centre security is the security at specific asset level. With new equipment being installed, installed equipment being reallocated and redundant equipment being removed, how security is managed at asset level is vital to the security of the data that may be stored on the equipment. Manual systems are notoriously difficult to manage, a better method is the use of an asset management system. Most utilise RFID asset tagging that can be used to track the movement of an individual asset, be it a piece of equipment or even an individual. Fixed doorway RFID readers can track the movement as an asset enters or leaves a room, while handheld RFID scanners make the task of conducting audits easier and quicker. In trace mode the scanners can be used to locate misplaced assets in a fraction of the time it would take with a manual or even barcode system.
More on Security Solutions for Data Centres and IT Comms Rooms
