Written by Chip Freund on August 01, 2018
Data Center Security - Inside and Out
Fort Knox, ADX Florence Prison, Cheyenne Mountain and Area 51 have one main thing in common: they’re considered the most secure facilities in the United States.
Fort Knox, for example, boasts a 22-ton door that locks using a combination entered by at least ten different staff members. As if that’s not enough to secure the approximately 5,000 tons of gold it contains, Apache helicopters, tanks, fences, guards, concrete-lined granite walls and alarms surround the facility. Cheyenne Mountain, a bunker about 2,000 feet below the Rocky Mountains that once housed the North American Aerospace Command (NORAD), is designed to withstand a 30-megaton nuclear blast.
These facilities are armed with the necessary physical precautions to ensure security. They have also been upgraded in recent years to combat the virtual threats that have increased significantly with the growth of online and digital data and devices. It’s no secret that even buildings with the most stringent physical security aren’t impervious to cyber threats.
In the case of data centers, a holistic approach to IT infrastructure security is necessary to effectively defend against both physical and virtual threats. This approach must not only include policies and procedures but also a focus on data center employees, their roles within the organization and the accessible resources they need in order to perform their job at the highest level.
Those who invest in data center services through a colocation provider should utilize a thorough checklist to confirm they’re putting their IT infrastructure in the best hands possible. They should verify specific criteria – from physician entry locations to network connectivity - are met when assessing all means of access to their infrastructure, data and applications.
On the physical side, it’s essential to verify the selected colocation provider’s facilities actively enforce access policies. For example, does the provider prohibit door-propping? Do they have alarms on doors that remain open too long? What are their by-pass door policies? Also, how do they enforce such policies?
On the network security side, enterprises should investigate how the colocation provider documents and secures all connections to IT infrastructure. They should evaluate Internet connections, WAN circuits, data center cross-connects, VPN connections, out-of-band management circuits and similar items.
These are just a couple of the areas enterprises utilizing colocation should examine to ensure their IT infrastructure is secure – inside and out. Our executive brief, “The Secure Data Center: A holistic approach to cyber-resilient colocation,” includes additional information on the important criteria for and benefits of a secure data center. By putting greater focus on the overall security of the colocation data center, enterprises can not only maximize uptime and availability of their IT infrastructure but also ensure data, infrastructure and networks are protected and meet required compliance standards.