Taking a proactive approach to physical security of data centers
Following the failed bomb plot at an AWS facility, a lot of data center operators are upping their security game. Operators are making investments to protect these vital facilities which, as Compass SVP, Global Operations, Sudhir Karla, pointed out in his March blog, have a utility-like role in today’s world. As such, the physical protection of data centers has become a high priority for many operators.
Compass Datacenters takes a preventative approach to physical security. We use a layered approach to data center security. Compass evaluates security tools, people and practices in terms of the solution’s ability to deter, detect and delay threats.
Specifically, we look at every security solution and ask, will this:
- Deter bad actors?
- Delay a negative event
- Detect threats?
The best security measures check all three boxes, building layers of protection in a seamless, synchronized fashion that keep everyone and everything safe. All of our tools, processes, and systems fit inside these layers:
- Monitoring & detection
- Access controls
No single layer can protect a datacenter environment on its own. Layers often overlap and reinforce each other, creating a truly resilient security program. Here’s a closer look at each layer.
Being mindful about environmental design is key to enabling the detection of threats. Is landscaping impeding security’s view of the surrounding property? Is appropriate signage in place to make it clear who is and isn’t expected to be on property, and where they can and should safely go.
A tried-and-true fence deters and delays intruders. It is the first line of defense, and clearly signals that the area is off limits. Unless your intruder has some impressive vaulting skills, a fence is the best and easiest way to delay intrusion, buying the security team or guard time to respond.
At the perimeter level, to achieve the detection aspect of protection, a simple perimeter fence can be bolstered with monitoring and detection equipment. Motion activated cameras send alerts to the security team, complete with specific details on where the potential intrusion is taking place. In less time than it takes an intruder to get through the fence, a response is activated. With a layer of technology added to the perimeter fence, you have a mechanism for detection and checked all three boxes.
Monitoring & Detection
Cameras are an effective deterrent and detection tool. The presence of cameras causes bad actors to think twice. The function of cameras gives data center operators greater visibility into all areas of the facility.
With smarter cameras coming into play, offering motion detection and robust alerting capabilities so that they support not only deterrence, but provide detection, delivering specific details on areas of vulnerability. This level of detail acts as a force multiplier…be in the right place instead of trying to cover a lot of space.
A variety of other monitoring and detection tools can be leveraged in the datacenter environment including door-held-open and door-forced-open alarms, glass break alarms, and a variety of options to detect intrusion around the property’s perimeter.
Data centers are unique in that they really don’t get a lot of foot traffic. The number of people coming and going is relatively low and easy to control. Access gates, badge readers and intercoms go a long way toward deterring, detecting, and delaying issues and incidents. Access controls make it easy to keep bad actors at bay and know exactly who entered which area of a facility and intervene if people are out of place.
Data center industry best practice is to intentionally place multiple security “touchpoints” before a person can be standing inside of a data hall. These touchpoints usually are some form of authentication, like a badge reader. If the environment is more sensitive and/or the customer requires a more advanced level of authentication, there are opportunities to enhance the sophistication of touchpoints with a dual factor authentication system that may include a biometric authentication.
Security personnel play a vital role throughout every layer of proactive protections in place. It is vital to ensure that security personnel are equipped with good information, and a clearly defined and relatively simple set of processes and procedures. With that, they can make smart decisions and reliably deliver an effective response. In the future, we’ll see more mechanized responses — from robots and drones — to minimize risk to human life. But security personnel will continue to drive decision making when it comes to securing facilities.
In providing physical security, it imperative to have the right tools, technologies, and teams to deter, detect and delay harmful events. The layers are critical to fortify and solidify what you value.