There is more to data center security than the software layers that handle functions like log-on and authentication. While data centers need the best available software to secure online access to the IT systems and data within, it’s important to remember that data centers are also buildings, or compartments within buildings.
As with any structure used for business, there should be some level of building security provided. For a basic office building, this might be as simple as an access control system for the doors and locks so that only employees with the proper credentials or codes can enter. Other buildings also make use of video surveillance technology such as closed-circuit television (CCTV) or IP camera and recording systems.
So just consider this question: where would most data centers fall on the continuum of buildings needing security? For most data centers, it’s safe to say the building security need is higher than the typical office space, but less stringent than what is needed at an international airport. For data centers that store sensitive data such as credit card information or personal identification numbers, the need for building security can be very high, requiring multi-factor biometric authentication for certain restricted areas.
Enhanced building security has many technical details, but for those responsible for data centers, there are two basic factors to consider that put security needs in perspective. On one axis, there is the factor of the level of integration needed. On the other axis, we have the degree to which security is impactful to the business.
Let’s look at the integration axis first. For a building with more enhanced security needs, more integration is needed between security sub-systems or other systems. For example, whereas a low-security building might not have its doorway access control integrated with its CCTV system, an enhanced environment would, so that if there were to be an unauthorized access, there would be a video record of that moment. A more enhanced scenario might also include thermal imaging or sensing technology as part of the security system, integrating that with the building control system, access control, or other systems.
As building security systems have evolved over the years, they’ve also become more like other enterprise-level IT systems, with underlying databases, graphical user interfaces, and the ability to generate performance reports or handle queries. Since data center infrastructure management (DCIM) software used to optimize data center operations also has these IT system characteristics, there is the potential to integrate data between the two systems.
Perhaps access alarm records from security systems could be fed to DCIM, for instance, into a dashboard tracking data center performance. A simpler form of integration could be simply be to make a security system view part of a DCIM operator dashboard. Since many security system devices have evolved to become Internet Protocol-based, many possibilities exist.
Ultimately, the level of integration you need can also depend on the second axis—just how impactful security is to your business. A modest office building with more of a data center closet likely needs little integration beyond some access control to ensure that only the IT pro responsible for the closet gets into it. On the other hand, larger data centers call for more integration because the enhanced security delivered by that integration is vital to the business.
For example, a large data center operator that rents space to e-tailers and others has to prove that their level of security is rock solid. In fact, advanced security can be a selling point for the data center. Other large entities with sensitive data like banks or social media companies also need to prove their security to the public, not only through the best possible safeguards at the software layer in terms of authentication or password management, but at the physical security layer. For example, there might be only a subset of data center workers allowed into the rooms holding the most sensitive data, with more surveillance in that room, while other parts of the data center that house cooling or power infrastructure would require less security.
On an operational level, a data center aiming for a high level of security might also use security-related views and data to help with operational excellence. For instance, thermal imaging cameras for security might help pinpoint cooling challenges in the data center. Or, a record of access control alarms could be correlated against adverse trends in DCIM. Camera history might be used as another way of determining if standard operating procedures for maintenance or other tasks were done correctly.
There is definitely a tie between building security and data center operations. The two should not be thought of different domains. While the extent that the two domains need to be integrated will vary by how impactful security is to a company’s mission, there is likely some level of information sharing between the two domains that would help many data centers. Finally, advanced security can be a strong selling point for the data center.