Data centers are highly sensitive areas when it comes to protecting sensitive data. The need to build and secure a ‘gold standard’ facility is top-of-mind for those tasked with the responsibility.Once a thorough and professional risk assessment has been done on the data and equipment, the results will give a good foundation to determine to what extent the facility will need to be physically secured.
Your risk assessment should weigh up the impact of the security breach versus the likelihood of it actually happening. It is impossible to cover all the risks perfectly but there are general rules to follow to mitigate much of the risk in these areas. The name of the game is risk management and a good balance of ‘CIA’ (confidentiality, integrity and access). A healthy balance between all three of these is where you want to be.
The purpose of a data center is to keep unwanted people out of your facility and quickly identify those who somehow manage to move forward into the building without the necessary permissions. A layered approach is what works the best in this critical segment. What I mean by this is a flow of entry which begins lightly and gets heavier and more secure the deeper into the area you go.
Starting at the entrance to the exterior of the areas – usually a robust gate with CCTV and an intercom system. Moving onto the next level which is usually a sliding or revolving door- with or without access control functionality. Further in there is a public reception area with manned security personnel checking the credentials of visitors and monitoring staff movements. Often at this point there can be optical turnstiles with integrated access control which check credentials via a card, barcode reader or biometrics. This medium level security is there to detect and will sound an audio alarm, send a visual cue and often a silent alarm to the security control desk. The person will physically be able to move forward – but somebody will have been alerted and will promptly stop the security breach.
After this point, and at the deepest point of the building a high security door or portal will use technologically advanced biometrics to check the credentials of the person attempting access to this next part of the building and also completely prevent any tailgating attempt.
Integration between door access control systems and security entrances can be a fine art; the perfect balance of functionality, space and aesthetics.
There are various types of access control systems available today, everything from barcode and QR code readers, to fingerprint and iris scanners, to traditional card readers and key pads. The size and shape of each individual device varies greatly based on both type and manufacturer. Let’s discuss some ways you can integrate an access control system with your security entrances.
Large data centers are implementing two-factor and multi-factor authentication techniques at their facilities to decrease the possibility of an intruder infiltrating the building. According to LoginTC, two-factor authentication means, “an attacker needs to solve two fundamentally different problems, each in different dimensions, in order to compromise your identity.”
Use of two-factor or multi-factor authentication typically involves the integration of two different access control devices for access through a single security entrance. This level of integration requires proper preparation and planning. There are, however, some all-in-one devices that can accept two or three authentications, e.g., a single Morpho Sigma device can accept any combination of a card reader, unique pin and / or fingerprint.
The fusion of your access control device and your security entrances shouldn’t be an afterthought, but an integral part of your building design from the very beginning. Speak to your security entrance manufacturer about the integration solution that will work the best for your top security business.
Sophisticated tailgating and piggybacking detection systems in security revolving doors and portal entry solutions provide a wealth of valuable data. These include a lot of granular information that replaces what a guard could be asked to provide manually – e.g., number of passages, inbound / outbound tailgating and piggybacking rejections, biometric access control rejections, emergency button rejections and so on. Such information is very useful in providing very accurate intelligence on throughput, user education needs, etc.
The most provocative data is predictive data that can predict your chances of being infiltrated. Security revolving doors and portals include anti-piggybacking detection technology sophisticated enough to provide a probability, expressed as a small percentage, that two people could piggyback through the door successfully. This capability is new territory for the security industry and allows executives a high degree of confidence that the places these doors protect are secure from infiltration.
If we are completely honest - perceptions matter. Even in an organization which should be striving to be low-key. While this holds true for the exterior of the data cent re, once safely inside organizational leaders are responsible for ensuring that their businesses are perceived as safe. And while actual safety and perceived safety are inter-related, they are not always identical. This is seen in other areas of life as well: for example, one YouGov poll showed that people believed that New York City is the second most dangerous city in the US, even though data shows that NYC is in fact the least dangerous large city in the United States.
While harder to measure, aesthetic perceptions matter for businesses as well. To that end, the perception-building process begins the moment a person walks through the door (and often before that). With that in mind, security entrances should foster confidence for all parties who rely on them: the system must not only protect employees but also help them feel safe on a day to day basis. Beyond actual safety, security entrances also create a feeling of prestige for the facility that impacts personnel and visitors alike. A new visitor’s first interaction with your brand may be with the security system. That first interaction and every one after should foster a feeling of competence, sophistication, efficiency and safety.