Executive Roundtable: The State of Data Center Security

Today we conclude our Data Center Executive Roundtable, a quarterly feature showcasing the insights of thought leaders on the state of the data center industry, and where it is headed. In today’s discussion, our panel of experienced data center executives – James Leach of RagingWire Data Centers, Randy Rowland of Cyxtera Technologies, Rick Crutchley of Iron Mountain Data Centers and Jeff Klaus of Intel Data Center Software Solutions – examine the state of IT security in the data center industry.

The conversation is moderated by Rich Miller, the founder and editor of Data Center Frontier.

Data Center Frontier:  Security remains a priority for customers. How are security issues being considered in the data center design and product offerings for service providers? Will this change in 2019?

Rick Crutchley: One of the realities of the digital universe it that security and data integrity are issues for everyone, regardless of organizational size, industry, or geography. It is particularly important to public sector customers and those from regulated industries such as financial services and healthcare. As we continue to develop our presence in the data center industry, Iron Mountain views its decades long reputation for security, integrity and reliability as one of our most important differentiators. We’re not just a data center colo company, we’re a globally trusted information management company.

We design our data center facilities with the understanding that our customers expect their information to be both physically and virtually safeguarded from the millisecond that it comes into our environment, and reliably available when they need it. We utilize a “Defense in Depth” approach to both our physical and cyber security. And while we don’t publicly share specifics about our policies and technology, suffice it to say that we are in full compliance with the most rigorous security-related compliance frameworks published by organizations such as ISO and NIST.

As for changes in 2019, The convergence of physical and virtual security are constantly evolving. Threats from diverse sources including insiders, hacktivists, state sponsored actors and organized crime will continue to challenge physical and cyber security experts. The amount and commercial criticality of data being gathered and stored will also continue to grow. Increasingly, customers are realizing that they do not have the infrastructure, internal expertise or resources to keep pace with the changes. Our goal is to be a trusted solution partner in helping them to address their data challenges.

James Leach: World-class data center designs and solutions have always had security as a key element. In 2019, look for leading data center companies to deploy smart video monitoring systems and expand perimeter security to protect large data center campuses of 50 to 100 acres, or more.

Security at current data centers focuses primarily on access control. Each authorized user of the data center is granted access to specific areas of the facility. This access is controlled through a mix of factors including card readers, personal identification codes, biometrics such as iris and fingerprint scanners, and keylocks. A real-time software and database system tracks and reports on individual access.

Next-generation data centers will use smart, high-definition video cameras and software to introduce a new level of monitoring to complement current access control systems. What makes a video camera smart? The camera “knows” what it’s looking at and tags and stores the images in an online data base for easy, intuitive search. With this system, security officers can conduct investigations faster and more effectively than ever before. Compression technology is used to cost-effectively store years of video as opposed to the current 6-9 months.

The other advancement in data center security is introducing campus security to stop unauthorized entry to the property. Traditionally, data centers were viewed as individual buildings, usually protected by concrete bollards and a single point of entry. With this new approach, a security ring is installed around the entire property to provide the first layer of defense for all the buildings on the campus. Look for anti-climb fences, perimeter checkpoints, roadway paths that limit vehicle entry speeds, and barrier gates that can stop heavy vehicles such as trucks traveling at 30 miles per hour or more.

Randy Rowland: Your perimeter isn’t limited to a physical data center location, it could be anywhere, and needs to be secured everywhere. In fact, the greater risk of theft in a data center isn’t through the front door, it’s over the network. In 2019, to maximize uptime and availability and ensure data, infrastructure and networks are protected, customers will expect data center providers that can address the entire spectrum of physical and cyber security.

To effectively defend against both physical and cyber threats, data center providers need to take a holistic approach to IT infrastructure security ’s defined around people, their roles in the organization, and access to only those resources they need to perform their job.

Jeff Klaus: No change in the broad methodologies used. I think the changes will remain in materials chosen in data center construction. For example edge data centers will still need all the usual elements / requirements addressed, but they will have to fit within the smaller footprint and could also face requirements like being portable.

RECAP: Check out the full series of Data Center Frontier’s Executive Roundtable. 

Keep pace with the fact-moving world of data centers and cloud computing by following us on Twitter and Facebook, connecting with me on LinkedIn, and signing up for our weekly newspaper using the form below: