Protecting data centres, with robust perimeter security
According to research from Gartner, 85% of infrastructure strategies will integrate on-premises, cloud, and edge delivery options by 2025. That’s good news for the UK’s data centres, who are an undisputed success story. Collectively they underpin an internet economy that contributes to over 16% of domestic output, 10% of employment, and 24% of total UK exports.
Yet, the challenge of scaling operations, facilities and processes to meet growing demand can make it difficult to stay on the cutting edge of security while remaining compliant. The worlds of physical and cybersecurity are much more intertwined than many data centres’ current organisational structures would have you think.
A single plan for cyber and physical security
Given the sensitive nature of such data, physical threats to data centres are becoming increasingly prevalent, with instances of vandalism, theft, and espionage on the rise. In some cases, these threats are carried out by insiders, such as employees or contractors with access to the facility. In other cases, they are carried out by external parties, including activists, criminals, or state-sponsored groups.
Unfortunately, many security operators find their ability to respond is hampered by having to work across a combination of outdated and siloed security systems. That’s most often the case when the consistent demand from customers for increased bandwidth has necessitated mergers, acquisitions or rapid expansion to new sites. Due to the limited functionality of some of these existing systems, security teams may opt to instead rely on manual visitor management processes, which exposes data centres to potential data breaches and greatly increases the likelihood of human error.
Data centre operators can improve perimeter security and protect against unauthorised access by implementing a multi-layered approach. Fencing, walls, and gates serve as the first line of defence, preventing vehicles and individuals from breaching the perimeter. Access control systems, such as biometric scanners and key cards, allow for the electronic management and monitoring of facility access. These systems should be updated on a regular basis and integrated with other security measures.
Surveillance cameras, which provide real-time monitoring and detection of any suspicious activity, are also an important component of a unified security system. Trained personnel should monitor the cameras, and the footage should be securely stored for future reference. Finally, intrusion detection systems can assist in detecting and alerting security personnel to any attempted breaches. To provide a quick and effective response, these systems should be integrated with access control and surveillance systems.
Yet as data centres must defend against physical and cyber-attacks, from both insider and outsider attacks, all the disparate security data can quickly become overwhelming, potentially obscuring a threat. For example, an operator may be unable to connect the dots between a contractor entering a restricted area unexpectedly and a device activating. A unified security system can help simplify the display of such information by giving operators the ability to create reports and alerts using information from all sources on the platform. Events can be automatically correlated to detect patterns, allowing an emerging situation to be seen from all parts of the system as a single event rather than a series of separate incidents.
A unified security system can also improve best practices by supporting automated alerts and digitised standard operating procedures, as well as providing personnel with a step-by-step guide outlining how to respond to events. This greatly benefits response consistency, as incidents are handled the same way regardless of who is on duty at the time, and precedents are set for the future. Furthermore, by adhering to the established guidelines, threats can be identified, investigated, and resolved faster than if decisions had to be made for each event.
As attacks continue to rise, data centre security must evolve with the times. Security strategies must break free from outdated legacy solutions to seek openness and flexibility. By moving to a modern, open-platform access control solution, operators can optimise building security, maximise investments and increase readiness to respond to threats. No matter how the global security landscape evolves, a unified security system possesses the flexibility needed to face any challenge, being able to adapt to an organisation’s specific security requirements.