The 3 Pillars of Modern Physical Data Center Security

April 23rd, 2021 by · 2 Comments

This Industry Viewpoint was authored by Tung Vo, Director of Security and Compliance at STACK INFRASTRUCTURE.

Combining the right tools, processes, and people is key to addressing today’s and tomorrow’s data center security challenges.

Electric fencing. Armed guards. A steel and concrete vault. These are some of the security features of Fort Knox, the world’s most secure gold bullion depository. They’re also just the first chapter of the story of today’s physical data security.

Why? Today, it’s not all the gold in Fort Knox that is the world’s most valuable asset – it’s data. Data has reshaped the entire global economy, enabled more significant business innovation than at any time in history, and created unprecedented challenges in safeguarding it.

Unsurprisingly, data centers are the epicenter of the struggle around data management and protection. Home to mission-critical infrastructure and vital information that powers everything from online banking and gaming to autonomous vehicles and connected medical devices, data center operators are going to great lengths to protect that information from unauthorized access and use.

While much of their efforts are rightfully aimed at digital intrusion prevention as cyberattacks become more frequent and sophisticated, data centers also need to align their on-site technologies, policies correctly, and human resources to protect against rare but potentially catastrophic physical security breaches as well.

Innovative security technologies

Physical data center security has gone higher-tech. Staffed perimeter security and swiping badges from a lanyard in an access-controlled vestibule have been augmented through an arsenal of next-generation security tools and old standbys that can transform a data center into a veritable Fort Knox.

 

Solutions like anti-tailgating technologies that prevent unwanted visitors from sneaking in behind approved visitors, fingerprint and retinal scanners that augment easily borrowed, stolen, and lost swipe cards, and facial recognition software that can automatically grant or deny access are vital assets in streamlining and enhancing physical security efforts.

 

And as requirements change fast, technology is moving even faster. On the bleeding edge, security system technologies now have the ability to isolate any recorded archival video images of a specific person and obscure their facial details in response worldwide concerns over data privacy. Now with COVID, access permissions can also leverage unobtrusive temperature scanning, and facial recognition can deny entry if a face mask is not being used.

However, manually managing all that tech can be time-consuming and cumbersome. Just as cybersecurity teams often consolidate the various systems they use daily into a more manageable toolset, data center security teams should also consider standardizing their systems to a single control platform as well. These platforms enable teams to configure, control, and manage their anti-tailgating, facial recognition, and more advanced tools from a single console for greater efficiency, easier scale, and better agility in the face of evolving security demands.

Robust, extensive policies and procedures

No matter how advanced your physical security technologies, they’re not that valuable if no one knows how and when to use them. Today’s data center security leaders must devise comprehensive policies and procedures that comply with various regulatory standards like NIST Special Publication 800-53, governing security and privacy controls for federal government IT systems.

More importantly, it’s imperative that security leaders also take a balanced approach of risk versus restriction. Safety and security are paramount, but once they start infringing upon client expectations or overall experience, it might be time to re-evaluate. The client experience is still the core of successful data center operations.

Efficient, effective, standardized policies are key. Specifically, it’s a good idea to build simple, repeatable policies that meet security standards without creating access roadblocks or complexifying the on-site experience. It’s also imperative to make sure they’re also client-focused, as restrictive policies might affect clients who need immediate access to their deployment.

Dedicated, vetted, and qualified staff

While nearly all the focus of modern data center security centers on technologies and governance, data center staff are the glue that holds it all together. They drive security effectiveness and the client’s experience of it.

Despite the rapid digitization of data center operations and reliance on automated technologies to execute core operations, data centers are still largely people-run facilities. Technology can fail, and policies frequently reveal themselves to be misguided or counterproductive to the company’s goals.

Having the right security personnel in place to closely monitor security systems and making informed judgment calls about how strictly policies should be applied is key to keeping everything operating smoothly and securely. But that level of trust and autonomy doesn’t and shouldn’t happen overnight.

Getting the “right” people in place is a function of hiring exceptional people who ideally fit with company culture. Broadly, you’ll want to target individuals with demonstrable honor, honesty, and integrity for critical security positions — even if they don’t have a background in security or data centers. It’s more important to the data center and its clients that security team members be willing to go above and beyond the bullet points in their job descriptions and most importantly, having the critical thinking skills to evaluate situations and take appropriate, decisive action.

A framework for comprehensive protection

Data center security is no longer only about building high walls and entry gates to prevent unwanted visitors. But neither is it merely about buying and applying more advanced (and expensive) technologies to support enhanced security operations.

Instead, data center security and operations leaders must strategically develop a security framework that combines innovative technologies, comprehensive policies and procedures, and dedicated personnel to create a more comprehensive, responsive, and adaptive physical security posture capable of protecting precious assets against current and future threats — without interfering with the daily business and experience of its customers.

About the author:

Tung Vo is Director of Security and Compliance at STACK INFRASTRUCTURE.

If you haven't already, please take our Reader Survey! Just 3 questions to help us better understand who is reading Telecom Ramblings so we can serve you better!

Categories: Datacenter · Industry Viewpoint · Security

Join the Discussion!

2 Comments So Far


  • Gary Weiner says:

    Data at Rest within fortified environment is well covered and the ethos is rich in product development and offerings and Stack does bring attractive value to this market.

    BUT WHERE IS ANY CONVERSATION OF PHYSICAL SECURITY OF DATA IN MOTION!?

    “Privacy”, to be more specific.

    Why is there no discussion on assured privacy of data between data centers, between end users, across PON network users?!

    It is a head-in-the-sand situation. No one owns the problem because the status quo fiber being pulled is all that the market seems to know – – the debate is single mode OR multi mode and the false notion that encryption protects in-motion, in-transit transmission data from hackers is utter nonsense….

    Every single encryption engineer team boasts that they can decipher or decrypt their competition’s art.

    And given time for quantum computing, we are building more and more fiber plants that essentially are a ‘house of cards’, especially with migration to a digital global-currency economy.

    We need a lot more fiber yes, but what we also need to be building is Privacy Enriched Secure Fiber networks, preventing eavesdropping and interception across the spans…. keeping the data out of the hands of everyone except the intended recipients.

  • Ya, I have the seen the website hosted on platforms such as WordPress are more vulnerable. Implementing security can protect assets.

Leave a Comment

You may Log In to post a comment, or fill in the form to post anonymously.





  • Ramblings’ Jobs

    Post a Job - Just $99/30days
  • Event Calendar