What needs to be focused on when it comes to data center security?
When one thinks about data center security, most people think of unauthorized physical intrusion initiated by unsavory characters scaling fences or circumventing reception access management procedures. The same goes for digital security – we again imagine faceless hackers attempting to take down network systems to not only disable a data center facility, but also, to render its clients’ systems inoperable. Fortunately, data centers mitigate these risks through a robust multi-layered security infrastructure with processes that are just as sophisticated. Of course, if data centers didn’t have these systems and response plans in place, they would not be viewed as a trustworthy, high security, high availability facilities – the foundational attributes for which any operator needs just to conduct business.
Data center security must also have systems in place to prevent, anticipate and respond quickly to accidental incidents which could affect a facility’s continuous operations. These are largely mitigated through access control permissions, video cameras and sensors which work together to monitor sensitive technical areas for unauthorized (and untrained) people in a sensitive room and to make sure equipment is operating correctly. However, accidents do happen and the ability to respond to them quickly and effectively is just as imperative as stopping someone from sneaking into a data center. Smoke and fires are potential issues that data center operators should ensure that they have monitored at all times as the damage generated by such an event has extremely high tangible and intangible costs for an operator.
Just this past March, a fire destroyed OVHCloud’s SBG2 data center in Strassboug, France and damaged an adjacent facility as well. From what is known currently, it appears that this was an accident where equipment did not function correctly. In fact, the fire may have started with the Uninterrupted Power Supply (UPS), one of which had been worked on in the days preceding the event.
But many are asking how could a fire destroy the entire data center? Aren’t there processes in place to identify, notify, isolate and suppress a fire situation quickly? The real answer may not be available for several months as investigators, staff, and insurance companies sift through the evidence. Even then, one may never fully understand the root cause of the fire and all the actions that were taken, or not taken, to contain it.