04:30 PM
Natalie Lehrer
Natalie Lehrer
Connect Directly

A Guide to Physical Datacenter Security

Datacenters are generally known to be extremely secure facilities. However, physical breaches do happen, and they sometimes occur very easily.

If you have toured the inside of a large scale public datacenter, the first thing you will likely notice is that data security starts with physical security. Being able to take the best-practices from public datacenters and apply them inside a private datacenter will ultimately put another barrier between your data and individuals with malicious intent.

In 2011, an insurance agency called Health Net estimated that up to 1.9 million of its members could have had their personal information breached. This breach was first discovered when the datacenter, which was managed by IBM, notified Health Net of the missing server hard drives. Health Net was ordered to pay hundreds of thousands of dollars in fines, and the company was sued in civil court citing HIPAA regulations.

How to avoid such a nightmare scenario? Let’s be honest, securing your datacenter is no easy task. Each individual facility has its own set of variables that present unique physical security challenges. The following are a few tips that can be implemented today. These simple strategies will help you shore up the challenges you may have when creating a layer of physical security around your datacenter.

Establish a perimeter: Perhaps this sounds elementary, but you should already be enforcing some sort of physical security policy for your datacenter. While locked doors and biometric access to secured facilities is becoming commonplace, your organization may have a need for physical security guards who patrol the perimeter of your datacenter. As a best-practice, it is recommended that all datacenters have closed circuit video monitoring equipment facing each of its outside walls. These cameras should have a clear view of the ceiling as well, because some intruders will try to use the ceiling as a way to crawl into your facility.

Segregate loading and storage: Perhaps you’ve received a large shipment of bare metal servers. Although the servers do not contain data yet, the servers are still susceptible to an attack if an unauthorized individual gains access to them while they are still in the box. Sophisticated technology exists that can be implanted inside of a device that will sniff data and report back to a central location without the victim ever knowing. By having your loading docks segregated and secured away from your storage areas, you won’t have to risk someone compromising the integrity of your equipment before you put it in the racks.

Power and cabling: Two often overlooked aspects of datacenter physical security are power and network cabling. Without power, your servers can’t turn on. Without network access, your servers won’t be able to communicate. Cabling should look nice and neat, much as you would see in an advertisement for datacenter products. If network cabling or power cabling isn’t nice and neat, your organization could suffer unplanned downtime due to an employee making a mistake inside the datacenter. Any mistakes made by datacenter employees could ultimately compromise the integrity of your data.

Natalie Lehrer is a senior contributor for CloudWedge. In her spare time, Natalie enjoys exploring all things cloud and is a music enthusiast. View Full Bio
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
Register for Wall Street & Technology Newsletters
7 Unusual Behaviors That Indicate Security Breaches
7 Unusual Behaviors That Indicate Security Breaches
Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.