— The Data Center’s Multi-Layered Security

03.07.2023 | 3 min read

Security is an essential prerequisite for the successful operation of a data center

DNot only can a security breach cost millions of euros in immediate business disruption and/ or compromised data, but the long-term effects are equally as distressing. Brand reputation and the ability to attract and retain customers is severely compromised when a flawed security record occurs, affecting growth and ongoing operations. This is why mitigating data center risk through physical security layers is so important for today’s operators, especially if they are to attain competitive advantage in the ever-growing and competitive data center industry.

Data center multi-level security logically starts on the outside and gets exponentially more stringent as one progresses within the building. However, there is a delicate balance between allowing employees and verified guests access to approved areas without delays and hassles, while immediately dissuading and preventing unauthorized individuals from even setting foot within property lines.

 24/7 Monitoring and AI-supported Hazard Management

Relying on experienced staff and high-tech security systems for constant surveillance inside and outside the data center is also important. State of the art video systems including thermal cameras are not only capable of monitoring and recording constantly. Video analysis also triggers real-time alerts based on complex object classifications and recognition filter combinations, increasing situational awareness and delivering critical, time-sensitive intelligence. Some data center operators are even using drones to oversee properties and send back information to the 24/7 Security Operations Center (SOC). Central command staff is aware of every situation in real-time and will intervene appropriately after assessing whether a person is authorized to be on the premises or is a trespasser. Staff can also survey unusual and rare events such torrential floods and earthquake damage and take the appropriate preventive or reactionary steps.

Automated access process

When people are able to access the more secure building perimeter of the property, it is usually through the main entry door, which by design, minimizes attention to other, less-trafficked entry areas. Of course, this may be the only entrance available from the street level as other doors may be located beyond drivable security check points, anti-climb fencing and vehicle deterrent bollards. The main entry door funnels people to a secure reception area inside. At the front desk, both humans and machines are the literal “gate keepers,” working to keep order and protect highly sensitive areas. In order for the front desk to operate effectively, there needs to be an efficient and secure process in place to allow authorized guests quick entry but immediately reject unverified people.

To accomplish this task, many data center operators utilize cutting-edge access control systems. Some are fully digitized, self-service kiosks with extremely accurate border-control level ID verification and biometric authentication. Other systems work in conjunction with reception personnel to provide an additional layer of verification along with guest amenities. Once approved for entry, users can proceed further into the data center.

Access permissions are defined by personnel to make sure that visitors are only allowed into pre-defined areas – whether a simple meeting room, a specified floor or the highly restricted server areas. Even employees have access permissions and most cannot easily enter server rooms or sensitive and critical equipment areas. This is for security and safety reasons as major breaches can be caused by employee accidents, careless mistakes or intentional destruction. In order to mitigate unauthorized access and potential damages, single person turnstile gates and doors are utilized. Employee and visitor keycards can also determine where people are or have been during a given period and are coded to expire at designated times.

Holistic security solution

When reviewing key components of multi-layered data center security, an area that is often overlooked is the effective processes and control systems within the organization. Logical security, as it is known, is required to make the campus operate optimally and safely. All the impressive physical security systems and high-tech cameras are not fully effective if there is not a coordinated and collaborative process in place that is embraced by all. Logical security success only comes with hands-on experience and knowledge of best practices. Compliance can also re-enforce an operator’s strength in the security field with certifications in process implementation, operational procedures, and of course, security and safety infrastructure. The setup of an internal control system, the basis for “Service Organization Controls (SOC)” reports, can be designed and implemented to provide documented trust levels (according to either ISAE 3000 or SOC1/2 standards).

Multi-layered security is comprised of impressive access management and verification rings that get increasingly tighter the farther one is allowed within the data center. State-of-the-art equipment, facility management processes and experienced staff integrate together to create a shield that protects the data center. This security triumvirate is ever vigilant and on call 24/7, and keeps the data center operating continuously and, thus, keeps customer businesses running uninterrupted as well.

To learn more about how e-shelter security supports the critical data center industry, please contact us today.

— More interesting articles