Data centers, where key, sensitive data are held, require strong security measures. Perimeter protection, which serves as the first line of defense, is especially critical. This article takes a closer look at perimeter security for data centers.
Data centers, where key, sensitive data are held, require strong security measures. Perimeter protection, which serves as the first line of defense, is especially critical. This article takes a closer look at
perimeter security for data centers.
Needless to say,
data centers are mushrooming across the globe. According to Allied Market Research, the global data center market was valued at US$187.35 billion in 2020 and is projected to reach $517.17 billion by 2030, registering a CAGR of 10.5 percent. The rise in data centers is driven by a general migration of operations to the cloud, as well as other factors.
“The increase in user-generated content, streaming services, and online purchasing is creating a massive amount of data. The rise in the use of artificial intelligence (AI) is driving data growth even further,” said David Ellis, Account Executive for Enterprise Solutions at Genetec. “As organizations continue to collect data, their storage needs grow, driving the demand for data centers. This growth makes it difficult and expensive for organizations to run and manage their own servers. It’s no surprise that on-premises data center capacity is being ‘dwarfed’ by hyperscalers and colocation companies, which now account for 37 percent of worldwide capacity. That share is expected to grow to 50 percent in five years.”
Threats facing data centers
Due to their critical nature and possession of valuable equipment, data centers are subject to physical and cyberattacks. In October 2007, a data center in Chicago was robbed by two masked men, who attacked a lone IT worker and held him hostage for two hours while stealing computer equipment. On a related note, in South Africa, US$340 million is lost each year in copper thefts, such as a raid on a data center in Johannesburg in November 2017. These reports indicate breaches into data centers are a real concern.
“The data center holds critical data and are considered as an essential infrastructure for our society. Because of the importance of its data holding, data center is always targeted to be attacked both in the physical and the cyber world and confronts a threat from the breach by insiders as well as outsiders,” said Ken Arimura, MD of OPTEX (Thailand).
“For data centers, risks include any events or actions that can interfere with the availability of services. Threats come from both the cyber and physical domains. While cyber threats are becoming increasingly sophisticated and require the development of on-going proactive defense strategies, physical threats remain a very real concern and include unauthorized access, vandalism, theft and terrorism,” said Brad Martin, Director of Product Management at Senstar.
And these threats underscore the importance of keeping data centers safe and secure. “To demonstrate their ability to deliver on the promise of keeping data safe and available, cloud service providers commit to meeting a broad set of international, regional, and industry-specific compliance standards (ISO 27001 and SOC 2, to name a few). Transparency is a key requirement, as the results of rigorous third-party audits can be requested by customers to ensure accountability and credibility. A key component of these compliance audits is the physical security of the data center itself and the implementation of strict physical access controls to customer data,” Martin said.
Perimeter security
Indeed, security is a critical component to data center operations. While the interior of the center needs to be well protected, the perimeters, or the first line of defense to the facility, should also be guarded to deter intruders at the outside. This is why perimeter security plays a key role in data center security.
“Protecting the perimeter of a facility is the first line of defense and a critical part of any security plan. Perimeter intrusion detection systems (PIDS) provide early warning of unauthorized entry and offer organizations the following benefits: Reliable and effective detection, low nuisance alarm rates, integration with deterrence devices (lights, sirens) and assessment devices (cameras, analytics, other sensors), and effective response to security events using critical information obtained from sensors and surveillance systems,” Martin said.
“Part of preventing breaches starts with having highly effective perimeter security both indoor and outdoor,” Arimura said. “Alarm system is used in the most of data centers. The physical security sensor like our LiDAR sensors, fence-mounted optical fiber sensors and photobeam sensors to the perimeter protection as well as outdoor premises is used with an alarm system or VMS system.”
Denying entry to suspicious vehicles is also important in data center perimeter defense. “Data centers should know which vehicles are always on-premise using automatic license plate recognition (ALPR) technology. They should get a real-time inventory of vehicles on site, and limit lot entrance to vehicle license plates on approved lists,” Ellis said.
Layered approach
While individual solutions may be effective in their own right, it’s best to use them in combination when it comes to data center perimeter defense. Having an additional layer of security has many benefits, including improved efficiency and reduced false alarms.
“A layered perimeter design using a mix of technologies, such as radar, LiDAR, fence sensors, and video analytics, can be used to detect targets. When used with systems that support real-time synchronization of PTZ cameras and maps, your security team can have greater situational awareness,” Ellis said.
“To protect critical infrastructure like data center, we consider multi-layered security concept is a must. Having reliable physical security sensors coupled with security cameras and video management software (VMS) can help to create restricted security areas. Integrated security like this can help deter, detect and delay insider and outsider data breach threats while managing the day-to-day operations,” Arimura said.