Access control plays an important role in various end user entities including data centers, where intrusion by unauthorized individuals can cause severe damage. Cybersecurity best practices should also be implemented to prevent virtual intrusion.
Needless to say,
access control plays an important role in various end user entities. These include
data centers, where intrusion by unauthorized individuals can cause severe damage and harm.
Cybersecurity best practices, meanwhile, should also be implemented to prevent virtual intrusion.
For data centers, physical security breaches by intruders or hostile actors are a main concern. This can result in vandalism, loss of equipment and disruption of service. That’s why having a robust access control system in place is important.
“Access control is simply vital for a data center. I have seen some small DCs choosing to treat it as door management systems, and not an identity management system. That is a very dangerous move and shows that not all DCs are built the same,” said Patrick Lim, Director of Group Strategy at Ademco Security Group. “We often recommend a strong visitor and contractor management system with a strong and customizable pre-visit registration, instead of traditional ones that are often very arrival-processing centric or labor intensive to physically assist the entire process.”
As for the type of access control credentials used at data centers, cards/fobs are still common. Yet multifactor authentication, whereby cards are used along with passcodes and biometrics, is getting more popular.
“Multifactor authentication should be used to ensure the right person is allowed inside. A combination of card and passcode along with any additional biometric layer only makes the access control even more robust. Ideally, the access control system should integrate with the video surveillance system for video linkage with any ACS-based alarms,” said Abhishek Ghosh, Senior Manager for Marketing and Communications, South Asia and ANZ, at JCI Security Products.
“Be it a colocation or managed DC facility, there can be a significant amount of visitors and contractors at the site on any given day. For staff, card and facial recognition is becoming the new norm; some uses fingerprint biometrics, but dual-authentication is the norm for highly secured areas and after-hours access. Multimodal biometrics is not the norm yet for DC, probably because many still feel MFA is more important and practical,” Lim said.
According to Adrian Tan, Regional Lead for Singapore Business Unit at SALTO, aside from multimodal multifactor credential authentication, there should also be thoughtfulness on data center access and procedural workflows.
“Incorporating digital access control devices to secure access to server racks for example is a low hanging fruit with immediate benefits by way of enhancing traceability through access device audit trails,” Tan said. “Leveraging on digital/mobile credentials to grant/revoke access to doors and server racks, is also another strong use case. This allows organizations to create robust workflows (that is, multi-stakeholder approval before granting access), automate procedures to reduce potential human error (that is, set auto-expiry on granted access) and mitigate risks associated with vulnerability of physical items (that is, passing around of cards/keys, cloning of cards/keys).
Cybersecurity
Physical aside, virtual intrusion into the data center is also a major concern. Considering the fact data centers are where important data are hosted, a cyber-breach may cause irreparable harm. That’s why data center operators also place a strong focus on the cybersecurity of their facilities.
“Whether data is housed on-prem or in colocation companies, security remains the industry’s top concern. Cyberattacks are becoming more sophisticated and able to elude traditional data center security protections. Compliance regulations are growing increasingly complex. The fact that for many data centers, physical and information security are treated separately leaves a big gap. There’s no difference in the result whether a hacker accesses a network through a video surveillance camera, HVAC equipment, or an employee’s laptop. As cyber threats grow, physical security and IT need to work together to safeguard network infrastructure,” said David Ellis, Account Executive for Enterprise Solutions at Genetec.
Indeed, hacking and intrusion concerns warrant well-implemented cybersecurity best practices. These, according to Martin Hogberg, Senior Solutions Architect at Siemens, include network security management, data encryption, endpoint protection, vulnerability management, and incident response and recovery.
“Having a well-defined incident response plan is crucial for minimizing the impact of cyberattacks. Siemens provides solutions for incident response and recovery, ensuring that data centers can swiftly contain and remediate security incidents,” Hogberg said.