The Do’s and Don’ts of Data Center Security

Eddie Ankers, Director of Corporate Security for RagingWire

As data centers take on a more prominent role in our businesses and our lives, they face greater security risks than ever before.  International or domestic terrorists may seek to damage data centers in order to disrupt our way of life, commerce, and economy. “Thrill-seekers” might want to generate a media frenzy by causing massive damage. Even so-called “common criminals” can make money on the black market by selling stolen equipment such as servers, cables, and the copper wire stored on data center construction sites.

The case for data center security has never been stronger. Plus we’ve learned a lot over the last 15-20 years about data center security. What works and what doesn’t. What’s for show and what’s for real. And new technologies are on the horizon which could cost-effectively enhance data center security.

This article presents some of the critical “do’s and don’ts” of data center security.

Security Officers Form a Critical Layer of Defense

Here are some tips to maximize the effectiveness of a key component of any security system – your people.

Build an in-house team of security professionals – Typically the first human contact at a data center is with a security person. You want thoroughly vetted, full-time, professional security officers who are 100% vested in the company’s success while proudly wearing your logo.

Hire for security and service skills – Former military or law enforcement personnel are often the best at understanding the “always be prepared” nature of security, even on nights and weekends. Also, look for service-oriented people who will boost the company’s reputation by escorting people in need of assistance, tidying up when necessary, and promptly handling issues with plumbing, wildlife, parking, and whatever else may come up.

Train well and train often – Guards must quickly analyze data from pan-tilt-and-zoom cameras, 360-degree perimeter and roof cameras, under-floor intrusion detection systems, and above-cage environment security. Staff must also be ready to notice suspicious visitors who wear bulky clothing in the summer, show the imprint of a concealed weapon, alter or hide their appearance, etc.

Document processes and run drills – Security officers need defined rounds with documented performance. Define scenarios, develop processes, and run tests to keep everyone prepared.
[clickToTweet tweet=”Eddie Ankers – The case for data center security has never been stronger. #datacenters” quote=”Eddie Ankers – The case for data center security has never been stronger. #datacenters”]

Technology to Use, and Avoid

Interior security

Iris scanners are better than ever – The speed of modern iris scanners is excellent. More advanced iris scanners now incorporate 3-in-1 authentication with iris, badge, and PIN code readers. High end scanners can even tell the difference between a “live” eyeball and a fake one.

Turnstiles are improving as entrance controls – New anti-tailgate access control turnstiles are better than older weight-sensitive portals because they can sense and deny access to two people trying to enter your facility back-to-back.

Facial recognition technology isn’t ready yet – Facial recognition technology is improving, but is still too easy to fake or work around to be trusted as an access tool for a data center.

Cameras generate crucial data – High definition, pan-tilt-zoom (PTZ) cameras are a must. Video management systems use pattern-based technology to evaluate people and vehicles in real-time, and are teachable to refine accuracy.

Access control systems can save lives – Newer systems can locate people inside your data center so they can be reached in an emergency evacuation, and analyze actions of potential intruders.

Exterior Security

Autonomous drones can deter and detect – With high-definition cameras and facial recognition technology, these “eyes in the sky” can alert guards of abnormal activity. A very visible deterrent, drones can be programmed to fly in patterns that can’t be predicted by trespassers.

Anti-climb fencing is a must – Fences are a visual deterrent, especially with pointed tip bars that curve outward. Dual-coated, corrosion-resistant finishes preserve the professional look of your property.

Anti-ram gates dissuade other threats – A security checkpoint equipped with an M30-P1 rated, anti-ram barrier arm protects your site from a 15,000-pound truck traveling up to 30 mph.

Should your security staff be visibly armed with guns?

The question of whether data center security staff should be armed or not has been a point of debate for security leaders. The fundamental question: do armed security guards reduce or increase risk in the data center?

Here are some points to consider when deciding if your security staff should carry guns.

• Armed guards require more training and certification – Managing armed security guards requires significantly higher training and ongoing certification.
• Are guns a deterrent? – While some invaders may be deterred by armed security staff, others may not if they are motivated beyond their own safety.
• Are guns effective? – A shootout could neutralize an intruder, but could also cause significant collateral damage to people or equipment. Bullets ricocheting through a data vault could be catastrophic.
• Do guns make you feel safe or stressed? – Visible guns can be an upsetting reminder to data center employees and customers of the possibility of a dangerous event.

Security Improvements You May Not Have Thought About

Here are some often overlooked ways to improve the security profile of your data center.

Ask for support from the U.S. Government – At one time, data centers were not classified as critical infrastructure by the Department of Homeland Security. Now they are. That means there are studies available to help you improve your security strategy and federal funds to help secure crucial fiber points outside of the data center perimeter.

Monitor news and weather events in real-time – Keeping one eye on current news and one on live weather tracking is imperative. It is also necessary to stay up-to-date on “big picture trends” to gauge new threat risks related to technology, criminal risk/reward thresholds, factors driving criminal motivation, etc.

[clickToTweet tweet=”Data center security: Drones can be programmed to fly in patterns that can’t be predicted by trespassers.” quote=”Data center security: Drones can be programmed to fly in patterns that can’t be predicted by trespassers.”]

Develop security working groups – Connect with other security professionals in your area to share information that everyone can benefit from.

Reach out for help at all levels – Develop, foster, and maintain relationships with federal, state, and local law enforcement and emergency services.

How to sleep better at night

To deter and stop intrusions, RagingWire deploys a defense-in-depth strategy based on the following checklist:

• Exterior and interior security checkpoints that are electronically operated and monitored 24/7/365 by our well-trained in-house security team.
• Multi-factor systems that require something to carry (such as a token or magnetic card), something to remember (a PIN code), and something that is a part of you (a biometric aspect).
• Audits that are performed quarterly in line with SOC 2 requirements. Drills and tests are performed regularly as well.
• Visitor monitoring through an integrated system of access control, mantraps and video management.

Eddie Ankers is RagingWire’s Director of Corporate Security.