We would like to keep you up to date with the latest news from MSP Channel Insights by sending you push notifications.
Subscribe to MSP Channel Insights
Why Subscribe?
Digital Newsletter Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines We'll let you know each time a new edition of MSP Channel Insights is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines The MSP Channel Insights Video magazine contains the latest Zoom interviews with experts in the industry.
Security health check – does your data centre stack up?
By Robin Brown, VP at Colt Data Centre Services.
Wednesday, 3rd August 2016
Posted 8 years ago in by Phil Alsop
As smart technology continues to digitalise all corners of our society and economy, data has become exponentially more abundant and valuable. Information security has emerged as a pressing boardroom issue, for good reason, due to the plethora of threats. Business leaders are now more inclined to spend more money on safeguarding their organisation’s data. When it comes to physical data centre protection, this means that a large amount of money is being spent on systems and facilities that look like security, but may not actually provide the required protection.
The best example of this is surveillance cameras. Some data centre providers adorn their buildings with a number of conspicuous cameras. Theoretically you could be encouraged by the presence of these devices. The argument for their presence is deterrence. However, data centres are built in highly controlled areas, where surveillance requirements are different to public spaces. Perpetrators who attempt to enter a data centre facility have completely different motives than, say, pickpockets or rioters on the streets of a city. They are not put off by cameras, but in turn, are more likely to try to switch them off. Surveillance cameras must be well hidden from both the trained and untrained eye to safely manage a data centre site.
Given recent high profile cybersecurity breaches, physical security can be overlooked in favour of online strategies, but is an integral consideration when securing a facility. Cybersecurity measures, coupled with physical security such as surveillance cameras, must be aligned to ensure 24-hour security, guaranteeing that intruders can be spotted immediately. This should also be complimented by the human eye, but it is not possible for a guard to see absolutely everything, at the right moment. This reduces the number of screens and connects the cameras with alarm systems on fences, walls and doors, which alert guards when there is something to see. Attention is flagged when it is needed, and security personnel can receive an overview and then act. A smart approach to data centres also looks to realistically assess the specific and conceivable risks for the specific location of plant and the necessary response. A central component is the approach of layering security with increasing intensity, culminating in the highest level around the actual server rooms. With a layered approach, entrants to a data centre facility go through several stages before reaching areas storing sensitive data. There are also differing levels of sophistication in terms of security, from CCTV and steel walls on the outside to sensors, finger print scanners and eye scanners inside the data centre. The physical security systems such as fences and walls of the building, and doors and cages of the server rooms can only delay an unauthorised entry. But they need to delay entry for as long as the guards need to react, or the police need to arrive.
Technologies such as alarm systems or access controls alone do not provide security, they only indicate when physical security is attacked. Smart security relies on a combination of systems. Fences and walls are coupled with intelligent alarm systems to monitor attempted breaches. Doors are coupled with electronic access controls to determine who is permitted to enter. Admission cards are provided with PINs to limit the damage caused by lost or stolen cards. The lending of access cards is also counteracted by combination with a fingerprint reader, and an encrypted digital code for the owner’s fingerprint stored directly on the card.
"Less is more" is the central slogan of smart security for data centres: plan for only those risks that may occur at the site, draw less attention to the building, layer security with an increasing intensity of measures and combine personnel, physical, and technology systems and processes. Taking these measures, operators can reach maximum safety at the minimum cost for their customers.