Data centers, and the valuable information they hold, are among the most valuable assets in any organization. Because strong firewalls and other cybersecurity measures help prevent unauthorized logical access, hackers are shifting their attacks more frequently to physical access in the real world. They have discovered that breaking into data centers provides easy access to direct IP connections, and that once inside they can just steal a laptop, backup drive, or server and walk out with it.
Common approaches for data thieves include talking their way past security guards, tailgating authorized staff, and using stolen credentials to gain access. Data centers can dramatically reduce or eliminate these threats by installing security entrances at entry and exit points at the perimeter of a facility and at critical internal access points. Implementing a layered approach to physical security is the best way to mitigate unauthorized entry and all the associated risks and liabilities.
In this blog, we’ll step through the critical security layers that data centers need, and discuss considerations for selecting the best security entrance solution for each layer.
Layer 1: Deterring Infiltration at the Perimeter
Strong physical security starts with keeping unauthorized users off the premises altogether. If it is feasible, the first security layer can be the property fence line, or some other barrier outside the facility itself. If that is not feasible, then the building entrances and outer walls form the first secure layer.
For this layer, it is important for the security entrance, and the perimeter generally, to not only authorize and control access, but also serve as a deterrent against casual attempts to gain unauthorized access.
Depending on the specifics of the situation, such entrances may be staffed or monitored by security personnel, or unstaffed. For example, many secure buildings install a fence surrounding the building to provide a buffer zone where intruders can be easily detected. In these cases, employees and visitors park their cars outside the fenced area and use the secure entrance to approach the building. This is an ideal application for an outdoor full height turnstile, which provides a strong visual deterrent against infiltration, and when properly equipped, can also prevent tailgating and other security risks. Full-height turnstiles are effective and appropriate for building perimeter applications, supervised locations, and exit only applications, among others.
New biometrics and sensor technologies installed in full height turnstiles can detect when two people attempt to enter the turnstile using one credential and lock the turnstile, preventing entry. These new sensors also feature “walk-away” detection that locks the turnstile if an individual presents their credentials for access authorization, has been approved allowing the turnstile to be unlocked, starts to enter the turnstile, and then backs out.
If a perimeter fence is not feasible, then the building entrance becomes the first layer perimeter. Depending on the specific arrangement, building entrances can be lobbies that accommodate staff and visitors, or employee-only entrances. Either type may be staffed or unstaffed. In these cases, it may be desirable to implement security entrances that can both provide a strong visual deterrent and also detect unauthorized entry attempts and raise alarms so that security staff can respond immediately. Security entrances to consider in these cases include security revolving doors and mantrap portals, which can detect unauthorized entry attempts, including piggybacking and tailgating to prevent unauthorized access in real-time, and trigger a visual, audible and electronic notification via the PACs.
Layer 2: Preventing Intrusion
The second layer is the last layer protecting the most sensitive area in the data center. For this layer, it is critical that a physical security entrance not just deter intrusion, it must detect it and prevent it.
One approach to increasing the security capability to that level is to staff the entrance with round-the-clock supervision for proper monitoring. In that approach, the cost of supervision would be a necessary ongoing expense.
Most organizations prefer to focus guard staff on other tasks, so an alternative is to choose security entrances that can prevent tailgating and piggybacking on their own. Security mantrap portals equipped with biometric multifactor identity authentication and overhead sensors that detect if more than one person is inside the mantrap portal are the best suited for this application. These integrated security entrance solutions can confirm that the one person inside the portal is the right person being granted access, preventing unauthorized access to critical areas. Also, by collecting metrics gathered by sensor systems in these solutions, security personnel can predict and quantify their actual risk of infiltration. These secured entry solutions are perfect for maintaining high security without requiring any ongoing staffing further contributing to their ROI.
A layered approach is the best practice to protect your data center, whether a stand-alone facility or housed within a multi-purpose building. Using purpose-built secured entry will protect the personal safety and security of staff, visitors, and anyone else in your facility, as well as your organization’s IT and computer systems and data. In addition, security entrances can also help reduce costs related to security personnel and false alarm management, while helping to maintain compliance to various government and industry-imposed regulations and internal security policies.