A Guide to Physical Datacenter Security
If you have toured the inside of a large scale public datacenter, the first thing you will likely notice is that data security starts with physical security. Being able to take the best-practices from public datacenters and apply them inside a private datacenter will ultimately put another barrier between your data and individuals with malicious intent.
In 2011, an insurance agency called Health Net estimated that up to 1.9 million of its members could have had their personal information breached. This breach was first discovered when the datacenter, which was managed by IBM, notified Health Net of the missing server hard drives. Health Net was ordered to pay hundreds of thousands of dollars in fines, and the company was sued in civil court citing HIPAA regulations.
How to avoid such a nightmare scenario? Let’s be honest, securing your datacenter is no easy task. Each individual facility has its own set of variables that present unique physical security challenges. The following are a few tips that can be implemented today. These simple strategies will help you shore up the challenges you may have when creating a layer of physical security around your datacenter.
Establish a perimeter: Perhaps this sounds elementary, but you should already be enforcing some sort of physical security policy for your datacenter. While locked doors and biometric access to secured facilities is becoming commonplace, your organization may have a need for physical security guards who patrol the perimeter of your datacenter. As a best-practice, it is recommended that all datacenters have closed circuit video monitoring equipment facing each of its outside walls. These cameras should have a clear view of the ceiling as well, because some intruders will try to use the ceiling as a way to crawl into your facility.
Segregate loading and storage: Perhaps you’ve received a large shipment of bare metal servers. Although the servers do not contain data yet, the servers are still susceptible to an attack if an unauthorized individual gains access to them while they are still in the box. Sophisticated technology exists that can be implanted inside of a device that will sniff data and report back to a central location without the victim ever knowing. By having your loading docks segregated and secured away from your storage areas, you won’t have to risk someone compromising the integrity of your equipment before you put it in the racks.
Power and cabling: Two often overlooked aspects of datacenter physical security are power and network cabling. Without power, your servers can’t turn on. Without network access, your servers won’t be able to communicate. Cabling should look nice and neat, much as you would see in an advertisement for datacenter products. If network cabling or power cabling isn’t nice and neat, your organization could suffer unplanned downtime due to an employee making a mistake inside the datacenter. Any mistakes made by datacenter employees could ultimately compromise the integrity of your data.
Natalie Lehrer is a senior contributor for CloudWedge. In her spare time, Natalie enjoys exploring all things cloud and is a music enthusiast. View Full Bio
Tweet This