Most commentators agree that we are in the midst of a digital revolution. Data will play an important role in the world of business, and over time, competitive benefits will accrue for businesses that can effectively use data to their advantage. Data volumes continue to grow exponentially, with 40 zettabytes expected to be created by 2020. Despite the wealth of opportunity that this situation presents, data security remains a critical issue for the industry. Although much of the focus is on cyber security, the importance of physical threats to information held in data centers must be remembered.
It’s expected that the global data center infrastructure management (DCIM) market will grow at a compound annual growth rate (CAGR) of about 15% between now and 2020. Data volumes are exploding, requiring safe and effective storage, processing and administration. Unsurprisingly, the number of data centers being built around the world has increased, and all of them need to protect data from a range of threats.
More and more businesses are now hosting applications and storing data in colocated data centers. Although these colocation facilities represent a favorable alternative for many businesses compared with hosting data in a dedicated data center, offering lower cost, greater reliability and 24/7 local support, shared access to critical infrastructure carries its own set of challenges. As physical security becomes more important, companies must safeguard business-critical data against accidental breaches to prevent theft or damage to valuable equipment, as well as the possibility of sensitive information falling into the wrong hands.
Protecting Against Threats From Within
Although extensive measures are in place to secure the perimeter of a colocated data center, the biggest risk to security often comes from inside. Although the threat of malicious unauthorized access is a real concern, it’s worth mentioning that a sizable portion of breaches are accidental.
Research has shown that accidental and malicious unauthorized access from within data centers accounts for between 9% and 18% of total data breaches, costing the global industry more than $400 billion annually. Given the ever present risk of data breaches, the need for physical security at the rack level becomes critical. Not only must these security measures maximize cost efficiencies for data center owners, while barring access to unwanted intruders, but they must also deliver a complete audit trail, providing a clear overview of access and highlighting anything irregular or suspect to those with the power to act.
Traditionally, access to individual racks has always been protected by key-based systems with manual access management. In some instances, data center owners have turned to a more advanced coded key system, but even this approach provides little in the way of security—and no record of who has accessed the data center, making the collation of accurate audit reports practically impossible.
To ameliorate the problem of unauthorized access and concerns surrounding data security, traditional security systems are quickly being replaced by sophisticated electronic-access-based solutions. Above all, these solutions provide a comprehensive locking facility while offering fully embedded monitoring and tracking capabilities. They form part of a fully integrated access-control system, bringing reliable access management to the individual rack. The system also enables the creation of individual access credentials for different parts of the rack, all while eliminating the need for cages and thereby saving cost.
What makes these electronic-access solutions so effective is that they can generate digital signatures to control and monitor access time and tracking for audit trails, helping to comply with growing data-security standards including PCI DSS, HIPAA, FISMA, European Data Protection and Sarbanes-Oxley. Furthermore, as a standalone system, they require no network and no software to operate, instead being complemented by a manager key that can be used to add and remove users in real time as well as execute a power override if necessary.
An Integrated Solution for Rack Security
Any physical-security upgrade in the data center has its issues, of course. Uninstalling existing security measures in favor of new ones costs both time and money, which is why data center owners are turning toward more-intelligent security systems such as electronic-locking swinghandles, which can be integrated into new and existing secure server-rack facilities. They employ existing lock panel cutouts, eliminating the need for drilling and cutting. This approach allows for lock standardization in the data center, saving considerable time (and therefore cost)—something that holds real value given the pressing demand for data center services.
The device also helps to solve the issue of rack security by integrating traditional and contemporary access control, giving the racks maximum protection. Physical access can be obtained using an RFID card, pin code, Bluetooth, Near Field Communication or biometric identifications. Furthermore, the addition of a manual-override key lock allows emergency access to the server cabinet and surrounding area. Even in the event that security must be overridden, an electronic-access solution can still track the audit trail, monitoring time and rack activity. Such products have been designed to lead protection efforts against physical-security breaches in data centers all over the world.
Adapting Technology to Meet Future Needs
As data center threats continue to increase, technologies such as electronic-locking swinghandles will become even more in demand as companies seek greater protection for their business-critical data. Therefore, security systems must become more intelligent and integrated to afford business owners peace of mind. The industry has an increasing need for access solutions that combine protection and monitoring functions to combat the often overlooked threat of physical data breaches.
About the Author
Simon Williamson is Business Development Manager at Southco. Southco is the leading and trusted global source for engineered access-hardware solutions, including a variety of latches, locks, captive fasteners, quick-access fasteners, hinges, handles, inserts, electronic-access solutions and other accessories for applications in the networking, telecommunications, computer, automotive, aerospace, mass-transit, off-highway/construction, medical, RV/caravan, industrial-machinery, marine and HVAC industries.