Data Center Security Best Practices



A physical security breach can cause immeasurable harm to a data center. Given the increasing need to protect critical information, any data loss, or even the inability to meet the mandatory regulatory requirements, can result in bad press, lost customers, fines and lost revenue.

Interoperability is a critical building block for data center physical security. The entire ecosystem of manufacturers and integrators that serve the data center physical security market need to make sure their products work together to provide a scalable, layered physical security solution. An effective, layered approach requires all systems to work in a cohesive manner. Network-based solutions are clearly the future of data center security, and disparate systems that do not talk to one another will be left behind.


Understanding the Six Layers 

Each data center’s security strategy is unique; however, building a layered approach to data center security helps tailor the solution to a data center’s needs. The first step in determining the right layered approach is talking to a trusted technical adviser to better understand the current system, future needs and working environment.

Layer one: The data center cabinet: The core of the data center is the IT infrastructure housed within a data center cabinet. As a rule, these cabinets are remarkably insecure. Cabinet access control is being implemented into more compliance standards to prevent server theft, storage theft, monitoring devices, virus uploads and interruption to power or connectivity. The ability to positively identify who is getting into these cabinets is now required for top-tier data centers and compliance regulations.

Layer two: Data center room and white space: To prevent unauthorized people from entering the white space, access control, such as dual-factor biometrics, is essential to controlling authorized access to the data center. When combined with real-time video verification, a new element is added to further guard against unauthorized access.

Layer three: Hallways, escorted areas, and gray space: The gray space, hallways and escorted areas that lead to the data center floor are frequently where proper security measures are overlooked. This can lead to unauthorized access of critical mechanical and electrical infrastructure.

Layer four: Facility entrance and reception: The visitor acceptance area is the first critical point within the building to control authorized and unauthorized access. This is a standards compliance requirement.

Layer five: clear zone: The clear zone is a large area that contains critical infrastructure assets such as generators, fuel containment and main power feeds. This zone requires security measures that enable total situational awareness.

Layer six: Perimeter: When properly implemented, the perimeter defense can reduce the overall cost of a data center facility’s security system and improve the effectiveness of the plan.