Data Storage Security: Securing the Physical Data Center - Page 2
Also, a cup of coffee in a data center can be as dangerous as a gun. Don’t leave your data center wide open to unwanted visitors or careless staff.
· Good door locks Dead simple? Yes, and all too often ignored in the data center. If there is a lock it’s easily sprung with a simple plastic card. Good door locks don’t exactly cost the world; invest in them for your data center’s sensitive areas. And invest in area alarms while you’re at it.
· Challenge every visitor The practice of “tailgating” is one of the easiest ways to intrude into a data center. One data center security consultant gained entry to a NOC by posing as a hardware salesman who was carrying a tray of food. Although the data center was protected by biometrics, IT staff simply opened the door for him and the food. Other intruders simply follow in employees. To look innocent they either talked on their cell phone or were on crutches. The employees held the secure door open for them.
· Secure checks on employees The very easiest way to gain access to a data center is by getting on that data center’s staff. Run security checks at hiring and at least once a year thereafter. More frequently is even better, especially at co-location data centers that are in charge of big volumes of customer data.
· Hardened exterior Foot-thick walls will protect a free-standing data center from physical attack and from a lot of natural disasters. Foot-thick walls with double exterior security doors and ballistics-proof windows will protect you even better.
· Protect all access via electronic Access Control Systems (ACS) Biometrics are becoming more common in sensitive data centers. These systems include palm and fingerprint readers, and the spy movie-staple iris recognition. Two-factor authentication with access cards and passwords are the next level down, and simple access cards complete the electronic ACS picture.
· 24x7 surveillance and security teams Highly secure facilities invest in internal and external security cameras. Do not go cheap with simple fixed cameras: thieves who know what they’re doing—or who are just lucky – will stay out of direct view. PTZ (fixed and pan, tilt, zoom) digital recording cameras will do the trick.
Additional security layers include crash barriers, land perimeter protection and vegetation maintenance, a man trap (it’s like an airlock), cages for sensitive equipment, and a threat conditions policy.
Companies spend multi-millions of dollars on network security. Yet if an attacker, disaster, or energy shortage takes down your data center then what was it all for? Don’t leave your data center gaping open, and make very sure that your data center provider isn’t either.
Christine Taylor is a well-known technology journalist and industry-watcher.
Photo courtesy of Shutterstock.