Data Center Security

By Bernhard Mehl
October 1, 2019

Why do businesses use data centers?

For many companies, the data center is the heart and soul of their operations. Data centers support a number of core enterprise activities such as communication and file sharing, processing large datasets, and housing computing resources such as productivity applications, storage, and network infrastructure. To perform their various functions, data centers require robust computing hardware and powerful networking equipment. This is what allows them to aid companies and universities in processing large datasets for research, or allows for seamless collaboration amongst media professionals when working with large digital assets. Therefore data center security is paramount to an organization’s operations, productivity, and reputation.

How can you keep a data center secure?

From an administrative perspective, there are a number of identity and access management (IAM) solutions available to organizations to ensure sensitive company data is secure and access to that data is properly restricted. However, given the large financial investment companies make on the physical components needed to build a proper data center (i.e. routers, servers, storage, and other associated hardware), data center physical security also plays a crucial role in hardware maintenance, as well as in preventing unauthorized physical access to equipment and data.

How can you integrate IAM with data centers security?

From an IT perspective, data centers can be something of a double-edged sword. On the one hand, they centralize crucial company data, applications, and communication, making it easier than ever for employees to remain productive on the road via laptops, mobile devices, or remote workstations. However, this also means that sensitive company data is more at risk. The firewalls and intrusion prevention systems protecting company data at the data center have limited effects for remote workers who bring company devices outside the traditional network perimeter. Therefore, a more streamlined approach to authentication and authorization is needed to manage efficient access to data center resources. IAM solutions aim to be that consolidated approach, while also allowing for additional security measures such as single sign-on (SSO) and two-factor authentication (2FA).

5d7a0c8235174a2416c2870c
template-1
container

There are a number of IAM software solutions available, such as Forefront Identity Manager, Microsoft Azure, and Okta Identity Management. It’s important to keep in mind, however, that the IAM software solution you choose must be able to:

  • support your existing applications, servers, and databases
  • be scalable to adapt to a growing volume of users
  • be easily manageable for both a normal user and IT professional to help prevent disruptions in access and workflow.   

For further streamlining and better ease of use, Kisi’s access control systems and products are compatible with a number of IAM software solutions.

What data center physical security measures can you take?

Using a cloud-based access control solution allows you to integrate your current IT stack with the physical components of your space—decentral credential storage in each cloud-connected reader ensures remote management and 24/7 health status monitoring. Cloud-based access control technology also integrates with intrusion alarms, 2FA and SSO. Software and administrative security measures are only part of the equation. To help safeguard your organization’s sensitive data from physical threats and intrusion, there are a number of data center physical security solutions you should implement when building your data center

For instance:

  • Carefully select the location where you plan to build the data center so as to mitigate the risk of damage from natural disasters or heavily trafficked areas
  • Choose building materials with security and protection in mind (i.e. thick concrete walls, limited amounts of windows)
  • Limit the number of entry points and have surveillance in place to carefully monitor who enters the facility and when
  • Implement multiple layers of security and ensure that anyone entering the facility be authenticated multiple times (i.e. 2FA, biometrics, access cards)
  • Ensure that the data center has access to two sources of utilities, such as electricity and water, in the event of an outage or emergency.
  • Ensure that the data center’s design and infrastructure adheres to data center physical security standards such as ANTSI/TIA-942

It will be important for your organization to create a data center physical security checklist  to facilitate the design of your data center. This will not only give you a starting point to begin your design, but also ensure that the specifications of your build will help limit wear and tear on data center equipment. For instance, a typical server room security checklist should include:

  • Specifications related to room size, ceiling height, and building material type
  • Equipment specifications to ensure proper emergency monitoring, access to electricity, and proper grounding
  • Cooling specifications detailing aisle configuration, plans for back-ups, and under floor cooling systems specifications
  • Electric systems specifications that outline back-up power systems, emergency shutdown procedures, and grounding systems

Why should you implement a data center physical security policy?

It’s important to ensure that your data center physical security solutions are supplemented with a thorough data center physical security policy. These policies ensure that those with access to sensitive company information and expensive server equipment follow a standard operating procedure meant to mitigate the risk of data breaches and hardware damage. While following the example of other organizations can help act as a starting point for your own data center physical security policy, your policy could include some of the following elements:

  • Detailed descriptions of access levels that are reflected on your cloud-based access control dashboard, as well as procedures for escorted access and remote access
  • Guidelines for entry points (i.e. rules on key card access, propping doors, tailgating, and logging entrances and exits)
  • Guidelines for reporting exceptions and/or unauthorized access, as well as an outline of procedures to follow in the event of remote cyber security threats like phishing, social engineering, and hacking
  • Detailed outlines for safety and cleanliness policies, as well as policies for data center equipment deliveries, pick-ups, maintenance, and repairs

Overall, data centers play a critical role in an organization’s operations and productivity, but they are also expensive investments that house expensive equipment, sensitive data, and crucial applications. While data center security is complex and multi-faceted, it’s crucial to ensure smooth and safe operations at your organization. Kisi offers a number of services to help support your company’s security measures while also streamlining and simplifying the process.

Bernhard Mehl

Bernhard is the co-founder and CEO of Kisi. His philosophy, "security is awesome," is contagious among tech-enabled companies.

Access Control Technologies
Useful Resources