Securing a data center is a big job. Steps to success include performing a risk assessment; analyzing and specifying equipment and solutions; implementing a layered approach with perimeter security, access control, video surveillance and intrusion detection; evaluating, designing and deploying fire/life-safety solutions; assessing and addressing environmental concerns and controls; defining and establishing security protocols and procedures for the data center, as well as the overall enterprise; training users on system use; and servicing and maintaining the systems.
Here’s how you can understand your campus’ needs, and provide valuable suggestions that will help to save money, as well as improve security and building management.
Start at the Perimeter
Determining what is needed to secure a data center requires upfront work and forethought. First, perform a thorough risk assessment of the property and building. When completed properly, the results will guide the remainder of the physical and logical security design. The purpose of perimeter security is to deter, detect and delay entry.
A risk assessment will dictate where to implement security, such as determining camera locations and which doors should have readers, and the number of security authentications needed to open a door. The environment and architecture will dictate what types of technology to deploy.
In a data center environment, the key is to implement a layered approach to security. Start from the perimeter, for example, from the parking gate or building entrance, and work inward to the core. Layering authentication provides enhanced security. Deploying a card and PIN is more secure than deploying a card alone. People can share or lose cards, compromising security. Adding a PIN creates another layer, improving security and decreasing the chance for a breach.
Deploying a card, PIN and biometric is even better. People can’t share fingerprints, making it virtually impossible to compromise the security management system. While some biometric applications can be expensive, you can utilize the risk assessment data to determine where biometric technology is most effective. To save money, use a card-only or card and PIN at most outer layer doors, and install video and intercoms as another layer of security.
A rule of thumb is to authenticate a person seven times prior to reaching the core of the data center. Start with a card only or security guard checkpoint on the perimeter and increase the level of authentication with each layer. Use biometric, card swipe and PIN to gain access to the core of the data center. Be certain to define areas within the data center and limit users to only those areas where they have a business need to operate.
Vet all visitors and deliveries outside of the building “skin” to ensure only authorized people and objects are allowed to enter. Choose a security management system that provides a perimeter intrusion system to ensure the property only contains properly vetted people, or integrates with it.