14 ELECTRONIC ACCESS CONTROL
14 ELECTRONIC ACCESS CONTROL
By Stephen O ’ Connell , MD , RACK-SEC
www . rack-sec . com
If you haven ’ t had a physical breach already , with substandard security it ’ s only a matter of time
With the need to protect and audit equipment , rack security is becoming more of a must-have than a wish list . Electronic access control ( EAC ) at rack level has entered the data centre security arena .
DSS / PCI compliance has been in place for a number of years , and this requires physical protection and auditable records to protect records of credit cards and personal information stored on servers .
GDPR compliance has recently been made mandatory for personal details held on servers . Although the mention of physical security is a bit vague , and heavy fines likely to be introduced for non-compliance by the EU . The compliance says reporting of any data breach must be notified to the governing body within 72 hours . Therefore , the quicker you can confirm where the breach has happened the better , and with EAC you can audit all personnel quickly to eliminate a physical breach . This is important as research indicates 30 % of data breaches will likely be from your own personnel .
A serious challenge A data centre will normally house different applications and platforms requiring support from a number of services ; do you know how many personnel / service companies have access to your data hall / computer room ? Cleaners , maintenance staff , third party maintenance staff , network teams , server teams , third-party support server companies and other contractors , with large companies the average number can be up to 60 or more .
While most entrance doors are protected by a building security proximity card system , this will only provide information as to who has entered the room , but no detail as to what rack has been opened will be available . The second line of defence will be a key in the rack swing lock , which are often lost , so some personnel simply leave a spare key in the most used rack door for convenience . Some sites have added CCTV in the protected areas , although due to
www . networkseuropemagazine . com