Every data centre manager faces a delicate balancing act: How to streamline user and visitor access, while also giving private and valuable data the security it needs?
The stakes are high. Any breach in data security can cause severe financial pain. According to IBM’s latest “Cost of a Data Breach Report”, the average is €4 million — and this figure has grown by 10% since 2020 alone.
Among European countries referenced, the report finds the highest average cost is in Germany (€4.62 million per breach) and that Healthcare is the sector where breaches are most expensive.
When the data centre is the business — providing co-location or managed cloud hosting services, for example — damage to reputation and trust could be catastrophic. Investments in these sites are often very large: at one data centre campus in London’s Docklands, an estimated £1 billion (€1.18 billion) by 2025.
In other words, when designing and implementing data centre security, there is a lot at risk.
The challenge: physical security is among the top 5 areas of data centre attack
Enhanced cybersecurity is an obvious countermeasure, for both in-house enterprise centres and third-party facilities.
However, many breaches begin with an attempt to compromise the physical security of servers. This is among the top 5 sources of initial attack, according to the IBM report.
How then can businesses avoid taking unnecessary, potentially expensive risks with their servers and data?
According to SA POPI (Protection of Personal Information), law data centre operators should be able to demonstrate they have used a risk-based layered approach to security.
The solution recommended by experts: 3-layer access control
Well-chosen, correctly configured, layered access control is part of the answer, according to many experts.
The ideal access control solution for a data centre usually demands three levels of security, all working together within an integrated system.
Level 1 – Perimeter Security: On the outer level, this ensures only authorized personnel enter a building. Here, high-security door and gate locks can work alongside complementary systems and devices like CCTV and monitored fencing.
Perimeter Security is the first line of defence against every physical security breach.
Level 2 – Room access: This can be monitored and controlled with a range of access control door devices or electronic security locks. They enable monitored and filtered movement around the centre, balancing convenience with security. Room access solutions include electronic cylinders, escutcheons, security locks or door locking handles with inbuilt RFID capability.
All devices should be integrated within a single access control system. This system must be able to handle fine-grained access to separate rooms or zones by user, security level or time of day or week.
Administrators must find it easy to issue temporary access via a card credential or Mobile Key. Any lost credential should be cancelled with a few clicks in the system software.
Level 3 – Server rack access: The third, final level of physical data security is the server cabinet itself. Server rooms get a steady flow of authorized traffic: cleaners, maintenance staff and technicians, for example. Employee screening cannot be perfect — and accidents happen.
The right rack or cabinet locking can be deployed in-house or installed on rented servers at a co-located data centre. This is the last line of defence against a physical breach, whether malicious or accidental.
The Aperio solution for data centre physical security
Designed for the innermost layer of data security — rack level — the Aperio KS100 Server Cabinet Lock can add either offline or online, real-time access control and monitoring to the server itself. The lock integrates with almost any existing or new access control system and accepts any standard RFID credential. The Aperio C100 Cylinder may also be deployed to secure server storage units.
A whole range of Aperio battery-powered electronic cylinders, escutcheons, handles and locks manage access at Levels 1 and 2 of the 3-layer model.
Aperio’s integration-ready platform design ensures they all work seamlessly with access management systems from over 100 different manufacturers, including ASSA ABLOY’s own Incedo Business ecosystem. These integrations provide data centre managers with the choice and flexibility required to match their needs to a device for every individual application.
With the right access control in place, data centre managers react quickly to events, while simultaneously offering convenient access to data centre staff, authorized visitors, customers and technicians.