Data Center

Securing the Data Center

IT or FM managers responsible for securing the data center should regularly assess security risks and mitigate them when points of vulnerability come to light. Sean Ahrens and Jordan Ferrantelli, security gurus for Aon Security Consulting, identify these areas of focus in maintaining the integrity of your data.
• Look beyond the property line. Infrastructure beyond the property that houses electronics that is crucial to the data center may need to be “hardened.” For example, a telephone cabinet near a busy intersection may require a barrier, and cables outside the perimeter should be secured or hidden from view.
• Institute Check Points. Provide differential levels of access throughout the facility: check points at the entrance, various offices, control rooms, corridors and so forth. This makes it harder for an intruder, who has to break into a number of areas to reach his target.
• Involve Everyone in Security. All employees, not just security, should be alert to strangers on the premises and even ask for identification. Intruders will take advantage of the fact that most people are reluctant to appear suspicious of strangers. Another tactic is “tailgating,” where the intruder opens a door for an employee and then follows him in. Tailgating can be prevented with turnstyles that sense the presence of two people and then back the second person out. Both video and foot patrols should be done by security on a regular basis.
• Use Technology Wisely. Control cards to gain access to the inner sanctum of the data center should use pin numbers and biometrics, and video systems should document everything, by bringing cameras down to eight feet, where faces are visible.
• Pay attention to all the employees. While companies do background checks on full-time employees, they are not as careful with temporary or freelance employees. Consultants, part-timers, freelancers, and per diem workers need to be sufficiently investigated, as well as fairly compensated.
Go here for more information on common security risks for data centers.

No Responses