When most people think of data centre security, they likely imagine the virtual technologies that prevent malware, viruses and other such programs from infecting computers.
However, the battle to protect server rooms occurs on two fronts. On one hand, network administrators, database administrators (DBAs) and systems specialists leverage anti-intrusion technologies. On the other hand, security personnel use radio-frequency identification (RFID), contactless perimeter ID cards, biometrics and even barbed wire.
Why break into a data centre?
Of all the facilities in the world a criminal could target, a data centre would seem at the bottom of the list. It’s not as if these buildings are holding millions of dollars in cash, right?
With the correct tools, an authorised person could steal financial transaction information, credit card numbers, intellectual property, medical records and other sensitive data. Building Industry Consulting Service International (BICSI) noted that such delicate material warrants comprehensive protection, not just logical security.
The idea of someone physically infiltrating a data centre seems like something out of a Bond film, but it’s a reality companies have had to deal with in the past. For example, in 2011, Vodafone suffered a security breach when malcontents broke into the company’s facility in Basingstoke, UK, according to Data Center Knowledge. The publication noted that hundreds of thousands of UK customers suffered loss of service as a result.
When that many telecom customers are unable to access services, numerous detrimental, economic repercussions transpire. Such ordeals can tarnish a company’s public reputation, causing people to seek services elsewhere.
Enhancing physical protection outdoors
To understand how personnel ID badges and card management systems contribute to data centre security, one should learn how companies go about protecting these facilities.
Taking a holistic, conceptual perspective, BICSI recommended that architects design data centres so that they “encourage legitimate behaviours and discourage illegitimate use”. In addition, the organisation maintained that data centre proprietors must implement disaster recovery and continuity strategies. This ensures that if one system fails, a site’s defences won’t be compromised.
Let’s start with the furthest point from the server room. Computer security research and training firm SANS Institute noted the following assets should be apparent around a site perimeter:
- A fence located at least 6 metres from the building on all sides.
- Guard kiosks at every access point, where employees can present ID cards to security staff
- Lighting that illuminates the entire area around the immediate building
- CCTV cameras monitoring parking lots, building entryways, fences, neighbouring properties
- Personnel constantly patrolling the facility’s perimeter
Already you can see just how tight SANS Institute believes data centre security should be. One would think these facilities protect high-risk company secrets (in some cases, they are).
The measures described in the last section paint a strong picture as to how personnel ID badges reinforce facility security. Specifically, contactless ID cards with embedded smart chips are preferable, because they allow data centre administrators to control who can access which rooms.
Smart cards are capable of storing and securing complex information. The Smart Card Alliance noted that electronic passports and visas are made possible by this technology. So, an ID badge can store an employee’s name, identification number, authorisation credentials and other data.
One of the most important features associated with ID badge management platforms is their ability to integrate with security databases. For instance, if an intruder steals an employee badge, the worker can call personnel to alert them to the problem. Then, when the malcontent tries to enter a server room, the RFID reader won’t permit access.
Why? Because the DBAs in charge of overseeing facility security flagged the employee’s ID number as illegitimate. This is just one example of how data centre professionals can configure protection protocols with the technology.
When developing security protocols for data centres, decision makers should know the difference between magnetic stripe and chip cards. This understanding will enable them to develop robust protection features that integrate well with existing assets.