Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.
Issue link: http://sdi.epubxp.com/i/835749
48 Security Dealer & Integrator / www.SecurityInfoWatch.com June 2017 D ata centers are unas- suming buildings with little or no sig- nage; intentionally nondescript so the public cannot guess what is inside. e assets protected inside are not tangible, but the data is invaluable. e security model of a typical data center in some ways resembles an onion – with each inner layer harder to access than the one preceding it. e facility itself contains layers: the perim- eter, the building itself, the data center and the cabinet. Likewise, the security should contain layers, offering at each part of the facility multiple security features including barriers, badges, bio- metrics and video surveillance. While physical security may not be the first thought in an environment of cloud computing and virtualization, it should not be overlooked or under- rated. Controlling access to and within the building and servers is critical to overall data center security. By peeling away each layer within the building, the options available to help your customer and grow an integrator's data center access control business becomes clear. Peeling the Onion A data center can be an enterprise operation – where one company's data is stored and maintained – or a co-lo- cation, where multiple companies rent space within the center to store data. A high level of security is required for both, but the pain points for each differ slightly. Creating zones of secu- rity depending on access needs will allow for better control and security from human error or negligent employees. The perimeter: Perime- ter security is the first line of protection. Fencing, a vehicle gate, an exterior turnstile for foot traffic, and video surveillance should all be integral parts. e integration of motion detec- tion and video analytics gives a facility the ability to detect objects, determine the number of people in a space and even license plate recognition. In the case of an enterprise location, there are more options for limiting the traffic to the exterior of the building, while a co-location, by its very nature, will have more traffic to the building as personnel from multiple companies will require access. Visitor management: Access points into the building should be limited, while exit egress remains free. A bonus is there are only two entrances to secure – the main entrance and a load- ing dock area. Many data centers make doors that are required for exit by fire codes but with no outside handles. Layers of security at the front should allow for people entering the building to authenticate themselves a minimum of three times. e outer door to build- ing should be a badge-in door with a buzzer or intercom system for guests. Guests should receive badges tied to the access control system for track- ing. In the case of a co-location facility, security revolving doors with anti-pig- gybacking sensor systems can be used as part of the building entrance. In every case, three-factor authen- tication is the best possible scenario – something you have, something you know and something you are. e access control system should allow for pictures with badges and integra- tion with video surveillance and have options for biometric authentication. An IP-based solution allows the sys- tem to take advantage of current and future technology requirements. High security is not just a matter of checking whether a user has authori- zation to enter sensitive or restricted areas – the highest degree of separa- tion and access must be achieved. e key here is control by allowing access to only those who need it, and in the case of co-location, segmenting the rooms as much as possible. The data center itself: e data center portion, or computer room, of the building typically has the highest security. Anti-piggybacking is a must. Options include security revolvers (revolving doors) and mantraps tied into the access control system. A security revolver may be equipped with a contact mat, scales (sensors to detect and prevent tailgating), or inter- nal monitoring. Options include rotat- ing units with emergency exit function or a night closure. Reinforced bul- Data Center Access Control Peeling the layers of security By Jason Patterson, Dave Rogers Market Focus