Data centers have become an increasingly important business, as enterprises acquire more and more servers to host their data. Amidst this trend, the need to keep data centers secure from physical and cyber attacks has become critical. While different defense mechanisms have been proposed, most agree that the physical security of a data center should be implemented in a layered approach.
Data centers have become an increasingly important business, as enterprises acquire more and more servers to host their data. In fact, a Research and Markets study notes that the value of data center construction contracts is estimated to reach US$22 billion by 2019.
Amidst this trend, the need to keep data centers secure from physical and cyber attacks has become critical. In a research commissioned by IBM and conducted by Ponemon Institute, it is estimated the average total cost of each data breach is $3.79 million, and total cost of data breaches has increased by 23 percent since 2013.
While different defense mechanisms have been proposed, most agree that the physical security of a data center should be implemented in a layered approach. This strengthens the invulnerability of the center, making sure that a breach at one point won’t affect the entire center as a whole. “A robust security system can be considered as layers moving inward from the facility’s perimeter to server rack level,” said ASSA ABLOY in a whitepaper titled “Defending Your Data Against Physical Threats.”
The first layer happens at the perimeter level, and a variety of perimeter detection technologies is used. “A perimeter fence equipped with sensors can serve as the first detection point for intrusion. This perimeter fence detection system can be integrated with intrusion alarms, limited access control points, high-definition video surveillance and motion-activated security lighting,” said Anixter in a whitepaper titled “The Four Layers of Data Center Physical Security for a Comprehensive and Integrated Approach.”
Then, as you make your way inward, security deployment at the facility and the server room serves as the second line of defense. “Commercial-grade doors, frames and hardware defend against unauthorized access to server rooms,” ASSA ABLOY said. “Security features should also be designed to withstand the elements in case of fire or flood. Doors may need to be rated for a number of hazards including climate control and airflow, natural forces, blast and ballistic, fire, and radio frequency shield.
Finally, should the unfortunate event of someone breaking into the server room happen, security of the server racks themselves serves as the last defense. “A loss of sensitive data could be crippling, destroying hard-earned customer trust, damaging brand equity and generating substantial non-compliance penalties. Given the high stakes, it’s unsurprising that data managers are pushing for access control at the server rack level,” said ASSA ABLOY, whose Aperio KS100 server cabinet electronic lock not only interfaces with HF RFID credentials to allow authorized access but also reports, manages, and notifies rack-level security breaches.
It is also important to keep in mind that video surveillance plays a vital role in the whole process as well. Thermal cameras can come in handy in areas where there’s absolutely no light, while cameras with wide dynamic range capabilities can help amid different lighting scenarios. IP cameras integrated with analytics such as motion detection, auto tracking and license plate recognition can play an important part, too.