Modern data centers have sophisticated systems in place for multi-layer physical access control and security against a host of physical threats, and for ensuring cyber security. They apply systematic methods for electronic intrusion detection/denial. The Uptime Institute defines the resiliency of a data center as a combination of Design Topology (Tier Status) and Operational Sustainability1, with the latter category accounting for approximately 70 percent of all site failures.
In recent years, a newly recognized phenomenon has emerged as a growing threat to the operational sustainability of non-military data centers and a host of other civilian infrastructure facilities that rely on electronic data processing and storage. This phenomenon is intentional electromagnetic interference (IEMI).
The IEMI threat can leapfrog modern data center physical and cyber defenses, shut down support systems, disrupt center operations, corrupt data, and even damage circuit elements and thwart digital forensics if the electronic interference levels are strong enough.
The formal definition of IEMI is “Intentional malicious generation of electromagnetic energy introducing noise or signals into electric and electronic systems thus disrupting, confusing, or damaging these systems for terrorist or criminal purposes.” 2
The Department of Homeland Security (DHS)3 divides critical civilian infrastructure into 18 categories, all of which have varying degrees of vulnerability to IEMI. Two of the categories-information technology and banking/finance-encompass data center technology directly, and most of the other DHS infrastructure categories have significant data center elements. The IEMI threat to electronic systems has quickly evolved from laboratory and military applications into a peril that is readily available to a host of potential domestic and international perpetrators of damage to data center and other infrastructure, such as criminals, disgruntled employees, and terrorists. This threat is currently the subject of intense scrutiny by business continuity/disaster recovery professionals, and those responsible for ensuring regulatory compliance for data integrity and security.
Fortunately, for this class of electronic threats, there exists a graduated set of technical and procedural remediation approaches. The incorporation of IEMI protection into data center design and operation will soon be as commonplace as current physical and cyber security measures.