Following the failed bombing plot at an Amazon Web Services facility earlier this year, physical security has become a hot topic in the mission critical industry. Data centers are critical infrastructure for the global economy, which is why it is so important to protect them with a multifaceted security strategy that is proactive in anticipating threats. However, discussions regarding physical security tend to steer toward a handful of measures that lean heavily on exciting technologies, such as biometrics for access control. There is a place for those James Bond-like gadgets, but they must be part of a more comprehensive, layered approach to security.
A more comprehensive security strategy should focus on answering three key questions that are proactive and preventative in nature.
- How do we deter bad actors?
- How do we delay a negative event?
- How do we detect potential and active threats?
The best security measures focus on answering all three of those questions, building layers of protection in a seamless, synchronized fashion that keeps everyone and everything safe. There are four security layers that should be part of every data center company’s strategy: perimeter security, monitoring and detection, access controls, and security personnel.
No single layer can protect a data center environment on its own. Layers often overlap and reinforce each other, creating a truly resilient security program. Here’s a closer look at each layer.
Monitoring and Detection
Cameras are an effective deterrent and detection tool. The presence of cameras causes bad actors to think twice. The function of cameras gives data center operators greater visibility into all areas of the facility. Smart cameras offer motion detection and robust alerting capabilities to support deterrence, provide detection, and deliver specific details on areas of vulnerability. This level of detail acts as a force multiplier, allowing security personnel to be in the right place instead of trying to cover a lot of space. A variety of other monitoring and detection tools can be leveraged in the data center environment, including door-held-open and door-forced-open alarms, glass break alarms, and a variety of options to detect intrusion around the property’s perimeter.
Data centers are unique in that they really don’t get a lot of foot traffic. The number of people coming and going is relatively low and easy to control. Access gates, badge readers, and intercoms go a long way toward deterring, detecting, and delaying issues and incidents. Access controls make it easy to keep bad actors at bay, know exactly who entered which area of a facility, and intervene if people are out of place. Data center industry best practice is to intentionally place multiple security “touchpoints” before a person can be standing inside of a data hall. These touchpoints usually are some form of authentication, like a badge reader. If the environment is more sensitive and/or the customer requires a more advanced level of authentication, there are opportunities to enhance the sophistication of touchpoints with a dual-factor authentication system that may include a biometric authentication.
Security personnel play a vital role throughout every layer of proactive protections in place. It is essential to ensure security personnel are equipped with good information and a clearly defined and relatively simple set of processes and procedures. With that, they can make smart decisions and reliably deliver an effective response. In the future, we’ll see more mechanized responses, like robots and drones, to minimize risk to human life. But security personnel will continue to drive decision-making when it comes to securing facilities.