17
PHYSICAL SECURITY
17
By Simon Williamson , Business Development Manager , Electronic Access Solutions , Southco www . southco . com
Countering the threat of physical security breaches in the data centre with intelligent security systems
Most commentators agree that we are in the midst of a digital revolution . Data will play an important role in the world of business , and over time , competitive benefits will accrue for businesses that can effectively use data to their advantage . Data volumes continue to grow exponentially , with 40 zettabytes expected to be created by 2020 . Despite the wealth of opportunity that this situation presents , data security remains a critical issue for the industry . Although much of the focus is on cybersecurity , physical threats to information held in data centres must be considered .
It ’ s expected that the global data centre infrastructure management ( DCIM ) market will grow at a compound annual growth rate ( CAGR ) of about 15 % between now and 2020 . Data volumes are exploding , requiring safe and effective storage , processing and administration . Unsurprisingly , the number of data centres being built around the world has increased , and all of them need to protect data from a range of threats .
More and more businesses are now hosting applications and storing data in colocated data centres . Although these colocation facilities represent a favourable alternative for many businesses compared with hosting data in a dedicated data centre , offering lower cost , greater reliability and 24 / 7 local support , shared access to critical infrastructure carries its own set of challenges . As physical security becomes more important , companies must safeguard business-critical data against accidental breaches to prevent theft or damage to valuable equipment , as well as the possibility of sensitive information falling into the wrong hands .
Protecting against threats from within Although extensive measures are in place to secure the perimeter of a colocated data centre , the biggest risk to security often comes from inside . And while the threat of malicious unauthorised access is a real concern , it ’ s worth mentioning that a sizable portion of breaches are accidental .
Research has shown that accidental and malicious unauthorised access from within data centres accounts for between 9 % and 18 % of total data breaches , costing the global industry more than $ 400 billion annually . Given the ever-present risk of data breaches , the need for physical security at the rack level becomes critical . Not only must these security measures maximise cost efficiencies for data centre owners , while barring access to unwanted intruders , but they must also deliver a complete audit trail , providing a clear overview of access and highlighting anything irregular or suspect to those with the power to act .
Traditionally , access to individual racks has always been protected by key-based systems with manual access management . In some instances , data centre owners have turned to a more advanced coded key system , but even this approach provides little in the way of security – and no record of who has accessed the data centre , making the collation of accurate audit reports practically impossible .
To ameliorate the problem of unauthorised access and
concerns surrounding data security , traditional security systems are quickly being replaced by sophisticated electronicaccess-based solutions . Above all , these solutions provide a comprehensive locking facility while offering fully embedded monitoring and tracking capabilities . They form part of a fully integrated access-control system , bringing reliable access management to the individual rack . The system also enables the creation of individual access credentials for different parts of the rack , all while eliminating the need for cages .
What makes these electronic-access solutions so effective is that they can generate digital signatures to control and monitor access time and tracking for audit trails , helping to comply with growing data security standards including PCI DSS , HIPAA , FISMA , European Data Protection and Sarbanes-Oxley . Furthermore , as a standalone system , they require no network and no software to operate , instead being complemented by a manager key that can be used to add and remove users in real time as well as execute a power override if necessary .
An integrated solution for rack security Any physical security upgrade in the data centre has its issues , of course . Uninstalling existing security measures in favour of new ones costs both time and money , which is why data centre owners are turning towards more intelligent security systems such as electronic locking swing handles , which can be integrated into new and existing secure server rack facilities . They employ existing lock panel cutouts , eliminating the need for drilling and cutting . This approach allows for lock standardisation in the data centre , saving considerable time , and therefore cost – something that holds real value given the pressing demand for data centre services .
The device also helps to solve the issue of rack security by integrating traditional and contemporary access control , giving the racks maximum protection . Physical access can be obtained using an RFID card , pin code , Bluetooth , Near Field Communication or biometric identifications . Furthermore , the addition of a manual override key lock allows emergency access to the server cabinet and surrounding area . Even in the event that security must be overridden , an electronic access solution can still track the audit trail , monitoring time and rack activity . Such products have been designed to lead protection efforts against physical security breaches in data centres all over the world .
Adapting technology to meet future needs As data centre threats continue to increase , technologies such as electronic-locking swing handles will become even more in demand as companies seek greater protection for their business-critical data . Therefore , security systems must become more intelligent and integrated to afford business owners peace of mind . The industry has an increasing need for access solutions that combine protection and monitoring functions to combat the often overlooked threat of physical data breaches . n
www . networkseuropemagazine . com