Protecting data centers by layering physical security entrances
Image via Boon Edam
Physical security is vitally important to help prevent unauthorized persons from entering data facilities to steal valuable intellectual property or cause harm to people or property.
The truth of the matter is that the easiest way to steal data is to gain physical access to a network or the servers themselves. While strong firewalls and other cybersecurity measures help prevent unauthorized logical access, hackers are more frequently breaking into data centers where they can easily plug into any IP connection — or steal a laptop or server and walk out with it. They can talk their way by security guards, slip in behind an employee who politely holds the door open for them, tailgate through an access-controlled entrance, or use stolen credentials to get into a facility. Deploying physical security measures is the best way to mitigate against this danger. Security entrances are a core component of this strategy.
Data centers can help prevent cyber threats by installing security entrances at entry and exit points at the perimeter of a facility and at critical internal access points. Security entrances are available in a variety of configurations to protect from unauthorized entry that can seriously increase a facility's risk for cyberattacks, and should be considered a critical component of a data center's cybersecurity best practices.
When it comes to cybersecurity, the firewall is not the only means by which sensitive data is protected. If a hacker were to breach the firewall, other obstacles are in place to shield the data: virus and malware scanning software, monitoring services for unusual network traffic, and similar techniques. Likewise, the implementation of security entrances must be executed using a layered approach. If an intruder were to breach the building's fence line perimeter or lobby, additional physical barriers have to be in place to protect the ultimate gem — the data on the servers.
Data centers can achieve high levels of security with layers of security entrances:
There are several styles of security entrances available, each designed with a specific purpose and level of protection including: security mantrap portals, security revolving doors, speed gates, full height and tripod turnstiles. Security entrances can be classified into three simple classifications:
Security entrances that prevent tailgating and piggybacking allow for the elimination or reallocation of guard supervision, providing security and facility managers with tangible ROI. These solutions include revolving doors and mantrap portals. Also, by collecting metrics gathered by sensor systems in these solutions, security personnel can predict and quantify their actual risk of infiltration.
Security entrances that detect tailgating and piggybacking can provide a visual obstacle against intrusion, and when coupled with biometric and access control devices, can detect unauthorized entry attempts and issue alarms for security personnel to take immediate action. This category of solutions includes speed gates, which are designed to detect tailgating and facilitate both security and visitor management operations.
Security entrances that deter unauthorized access serve as a deterrent against casual attempts to gain unauthorized access, and more often are in place to help keep people honest. They accomplish this by monitoring or controlling traffic under the supervision of security personnel. Appropriate for building perimeters, supervised locations, exit-only applications, or any location that needs to control large crowds, these tools include full height and tripod turnstiles, wide lane gates and monitored access solutions. Security entrances designed to deter unauthorized access cannot stop a piggybacking incident from happening on their own, and ideally require manned supervision for proper monitoring. The cost of supervision should be factored into the annual budget as a necessary expense. If an organization deploys an entrance that requires supervision and elects not to employ personnel to monitor the access point, management could be held liable if an event occurs as a result of their inaction.
The data collected using overhead sensor systems in security entrances designed to prevent and detect threats can also be used as a source of business intelligence. The intelligence provided from these devices can help forecast and quantify an organization's risk of infiltration and threat. Typically deployed at employee entrances and other sensitive areas within a facility, sensors further elevate the effectiveness and efficiency of security entrances as an enterprise-level solution. Security entrances designed to prevent and detect can be unattended security solutions.
To protect data centers and the critical data they contain, it is essential to think of cybersecurity and physical security as working hand in hand to protect critical data. Installing security entrances can help ensure that only people entering the building are credentialed employees or authorized visitors, providing the highest levels of security for facilities housing sensitive data.
When mitigating risk in enterprise physical and cybersecurity planning, remember that security entrances can reduce liability by demonstrating a plausible degree of effort to prevent infiltration. They protect the personal safety and security of staff, visitors and anyone else in a facility, as well as the organization's IT and computer systems and data. In addition, security entrances can also help reduce costs related to security personnel and false alarm management, while helping to maintain compliance to various government and industry imposed regulations and internal security policies.
This article originally ran in Security, a twice-monthly security-focused eNewsletter for security end users, brought to you by Security magazine. Subscribe here .
Derek Nilsen is the Director of Marketing for Boon Edam Inc. Nilsen has over 15 years of experience in the security industry and has been with Boon Edam for over ten yearsDeterring infiltration at the perimeter: Preventing intrusion at the server room: This article originally ran in Security, a twice-monthly security-focused eNewsletter for security end users, brought to you by Security magazine. Subscribe here .