How to Ensure the Physical Security of Your Data Center
Data centers are continuously exposed to security threats due to the large amount of valuable data they possess. Unauthorized access, both accidental and malicious, accounts for between 9 and 18 percent of all breaches and costs the global data center industry $400 billion every year.
It is no surprise then that data center security management, with increasingly stringent company requirements and industry regulations, is a top priority for modern data center professionals. Basic, low-level protection is no longer adequate for the complexities of modern data center environments, and data center managers need to ensure their security, while still allowing technicians and contractors the access they need, on top of other pressures like maintaining uptime, driving efficiency.
Here are some useful tips to help safeguard your data center against physical threats and intrusions:
- Electronic door locks and card access control. One of the most common and effective ways to keep your data center assets secure is to keep them in enclosed cabinets or containment areas. Having your assets behind doors that can be locked with physical keys, RFID cards, or biometrics will deter unauthorized access simply by the amount of effort required to break the lock. Data Center Infrastructure Management (DCIM) software provides an extra level of security by helping you monitor when doors are open via contact closure sensors. It can also give you insight to when access attempts are made, by whom, and if the attempt was successful.
- Limit entry points. Decrease the risk of physical break-ins and control building access by limiting the number of entry points. Establish one main entrance for customers and employees, one other entrance in the back for loading docks, and exit-only fire exit doors if fire codes require them. Once inside, you should have secure manned checkpoints with floor-to-ceiling turnstiles or mantraps to further prevent unauthorized access.
- Role-based permissions. 60% of data center security threats are internal. Whether they are inadvertent or malicious, it is critical to mitigate vulnerabilities from within by controlling the level of access that teams have to data center data. In your data center management software or DCIM solution, limit your employees’ access to areas of your data center, devices, and what features they can use. Prevent unauthorized changes by granting different permissions to different users and user groups. For example, one user might be able to edit a single PDU in a cabinet while another user can only view the devices in the data center. For colocation data centers, role-based permissions can be provided to your provider’s technicians or managed services team to restrict their ability to modify equipment.
- Background checks. Knowing that 60% of security threats come from data center employees themselves, you cannot be too careful about who works in your data center. Pre-employment background checks are now nearly universal, but you should also run background checks on vendor and contractor employees who have access to data.
- On-site security staff. Security measures such as surveillance and checkpoints are integral to comprehensive data center security, but security staff need to be on site 24x7x365 to reduce threats by their mere presence and to respond to threats. Security staff should also conduct routine patrols to be a constant reminder to would-be intruders that your data center is protected.
- Employee exit procedures. When an employee with access privileges to secure areas of your data center leaves the organization, there needs to be a procedure in place to remove their permissions. This can include changing access codes, updating access lists, revoking credentials, collecting keys, or removing biometric data. Providers should have strict controls for who can access your data and should be notified when an employee leaves the organization.
- Video surveillance. A staple of data center security, video surveillance is an extremely valuable and cost-effective tool to reduce security threats. Visible imaging cameras are common for detection and observation, infrared cameras are best in low-light environments, and thermal cameras are extremely difficult to circumvent. Use DCIM software to take video surveillance from IP and USB camera one step further, and add multiple feeds to your dashboard so you can monitor multiple areas or sites remotely.
- Be proactive. Don’t wait until the aftermath of a breach or intrusion to protect the critical assets in your data center. Get centralized, modern data security management with a second-generation DCIM solution to reduce the risk to your data center.
Data centers face new threats to physical security every day. DCIM software can help you keep track of who is doing what in your data center with real-time reporting, surveillance feeds, and role-based granular permissions that restrict access to company data and assets.
To see how Sunbird’s second-generation DCIM dramatically improves data center security management, take a test drive today.