Ways to Secure Data Centres
- by Arindam Bhadra
In today’s world the most valuable assets is data. Together with the data centres that hold and process it, they underpin almost all facets of modern life. This makes data centres an attractive target for threat actors, due to the large and diverse amount of information that supports our national infrastructure and businesses.
The term data centre security conjures images of lines of code, hackers and firewalls. However, there is a huge requirement for physical security within a data centre too.
Data centres are used to house computer systems. They often include backup data, core data, replicated data and on the whole, are huge part of an organisation’s Disaster Recovery Strategy.
In a world where technology impacts many industries, data centres are crucial for businesses and therefore data centres security is a hot topic. Not only should data be protected from potential cyber-attacks, the physical building should be secure.
The security and resilience of your data and the infrastructure beneath it are therefore critical. High-profile data breaches and disruption to services are frequently reported, with each incident, causing operators and data owners potentially huge financial losses in regulatory fines, loss of sensitive IP, downtime, post-incident recovery, security improvements, and perhaps most valuably of all, reputation.
Cyber intrusion methodology evolves constantly, and sophisticated attackers have a strong incentive to defeat the defences you put in place. It should be assumed that at some point your defences will be breached and therefore it is also important to be able to respond proactively by detecting attacks and having measures in place to minimise the impact of any cyber security incidents.
Cyber security focuses on the prevention of data theft or destruction by malicious attacks; however, this is not enough to ensure your data centre remains safe. The building also has to be protected from physical attacks.
Here, we discuss 11 ways you can physically secure data centres.
1. Use Crash Barriers
Stop unauthorized vehicle entry with the installation of road blockers. These have been designed specifically to prevent the threat of potential intruders or terrorist attacks in high-security areas. Varying in height, these road blockers will restrict the entry of vehicles.
2. Use Bollards
Avoid anything impacting and colliding into the building by installing bollards. Install permanent bollards around the building entrances. Alternatively, you could install adjustable bollards that can be lowered to allow access to authorized vehicles.
3. Limit Entry Points
Where possible, try and limit the possible entry points to only one door. If you require additional fire doors, ensure these extra doors are exit only. Limit exterior door handles to prevent any re-entry.
4. Use Security Cameras
Surveillance cameras should be installed throughout the perimeter of the data centre. Consider installing adequate CCTV signage as this can be a physical deterrent.
5. Hire On-Site Security
Threats can happen at any time. You may consider an additional layer of physical security by hiring on-site staff. Having someone monitoring the site acts as a strong deterrent to intruders and can raise the alarm if they spot any potential issues.
6. Build The Data Centre In The Best Location
Plan the best location for your data centre. If possible, choose a location away from the company’s head office or headquarters.
Ensure the data centre is set back from the main road. Consider using landscaping to help form additional protection as trees can help obscure the building from passers-by. Avoid building data centres in locations that are prone to natural disasters such as in a flood area or an area prone to earthquakes or fires.
7. Plan The Data Centre Carefully
When you design a data centre, avoid unnecessary windows. Build walls that are extremely thick as they work an effective barrier as well as improving thermal insulation.
8. Embrace Biometric Technology
Biometric technology is increasingly popular and is now part of our every day lives. Install biometric identification systems in the building to control access. This is often a fingerprint recognition device. In addition to biometric technology, ensure multi-factor authentication is in place. This method utilises two or more authentication methods. For example, someone may use their fingerprint but will still need to type in a pin code or show an access card.
9. Install Perimeter fencing
Data Centres have access to unprecedented levels of data. It is important to protect data from digital hackers, but the data also needs to be protected in the physical sense. Therefore, security-rated fencing is of the utmost importance for these buildings and keeping data secure. As a physical security breach has the potential risk just like a digital attack would.
Perimeter security is also vital. Have strong fencing around your entire site. Ensure the gates and barriers are placed where surveillance equipment, a guard, or preferably both are in place.
This is why, at SSA INTEGRATE, we understand how vital data centre fencing is in the wider security strategy of sites. The ultimate goal is to detect potential threats early on and then allow enough time to intercept a risk or threat.
10. Use Access Control Equipment
Data centres should adopt a Zero Trust Network. This means that no one is trusted until they can prove who they are. Access control equipment is an important element of implementing this.
While it may seem simple, access lists should also be provided to ensure that only approved individuals can access data centre. Ensure these lists are kept up to date and are stored securely.
11. Install a Sophisticated Alarm System
Alarm systems are costly. However, these costs are outweighed by the potential benefits. Some systems are linked to local police stations or security companies. Others are silent, but trigger alerts to key staff. Whatever the system you choose, it will bring peace of mind.
People value physical security. They trust places that are secure when they can actually see forms of security such as gates, barriers and alarm systems.
Many companies may forget about the physical form of security when it comes to data centres as they are concentrating on the risk of cyber threats. Although cybersecurity is vital and needs to be as sophisticated as possible, teaming this up with physical security can ensure your data centre is as secure as it can be.
As data centres evolve in the future, the need for physical measures will remain vital. However, physical security measures may also evolve. Having a multi-layer approach that considers both physical and cyber elements will ensure the best protection.