Data Center Journal

Volume 33 | August 2014

Issue link: http://cp.revolio.com/i/359333

PRINCIPLES OF RELIABLE SECURITY DESIGN

The layout of data centers varies widely. Some are standalone buildings that only house the computer room proper and immediate support areas, whereas others are simply one part of a larger structure with many departments or even many organizations sharing the same street address. In the case of colocation data centers, a lone facility can encompass the property of numerous businesses in the same room. Thus, physical security design must first take into consideration the situation of the data center and address the threats specific to that situation. No one approach can serve adequately in all cases.

In addition, the various aspects of security must be treated in a manner that gives each one its due weight. Jim Cober, principal of critical facilities for Corgan, said, "The key we stress is developing a balanced security design across the physical, technical and operational aspects that are appropriate for the facility. Having any one aspect over- or undervalued leads to an unbalanced dependence, which can result in a security risk." For instance, a focus purely on preventing non-company individuals from accessing a data center may seem to resolve almost every on-site security concern, except that it fails to address insider threats. Limiting computer-room access to only those employees that need it reduces the risk of insider attacks by cutting the number of authorized individuals and therefore reducing temptations (and targets of extortion or bribery).

Brad Ratushny, director of infrastructure for INetU, notes that physical security should be treated in a layered approach. These layers can involve access control, such as perimeter fencing and guard houses to limit entrance to the campus, as well as man traps and other measures near the computer room; or they can involve authorization and accountability, such as the use of multiple identification factors, video surveillance, alarm systems and security-data analytics.
Ratushny said, "Physical security is broken into two pieces. There are the physical elements such as cameras, access control systems and locks, but the operational processes such as visitor and contractor policies, and general awareness training are equally important. If both elements are not addressed, neither will be 100% effective."

Cober views the design of physical data center security as requiring the synthesis of access and isolation—two opposing concepts. "Access control allows the necessary physical entry to spaces, but also provides accurate tracking and logging of who goes where and when. This creates a safer and more secure environment by allowing employees, visitors, tenants, and other personnel access only to those areas where they are permitted." On the other hand, "Isolation control limits access through boundaries and creates the preferred separation between activities and spaces. The primary intent is to protect against external physical threats and unauthorized access." Here, he defines external as residing outside the area being secured. Summarizing the two, he said, "These two control aspects must be designed as a holistic system as they are only as strong as the weakest link."

These two complementary views help establish a broad philosophy for approaching physical security in a systematic, thoughtful and—the data center operator hopes—reliable manner.

IMPLEMENTING ACCESS CONTROL

Access control for a particular space essentially comes down to keeping out anyone who has no legitimate business in that space. Implementing an outmost layer of protection can be as simple as following the principle "out of sight, out of mind." Fences and guard houses, along with perimeter video surveillance, can all protect the company campus and thus the data center it contains, but strategic landscaping and minimal advertising of the presence of a data center can also help by not attracting attention. But the property should remain in view of the company. "While too many cameras can be cumbersome, too few can create gaps in the monitoring net. Maintaining overlapped or layered camera coverage of critical areas assures effective operations even with simultaneous events," said Cober. "One common example is the need to be able to track normal site access activities, while maintaining full perimeter monitoring."

Inside buildings or at their entrances, stricter access control becomes critical. Multi-factor authentication provides greater protection than just, say, an identification badge. "I've been on data center tours where the tour guide borrowed an access card from another employee," notes Ratushny, exemplifying an access-control system that was all too easy to circumvent. A stronger combination in this case is an ID badge or other card, a biometric input and a PIN—that is, something an individual has, something he "is" and something he remembers.

The levels at which strict access control is implemented depend, again, on the layout of the facility. For instance, an identification badge might be sufficient to enter a building that houses more functions than just the data center. Greater authentication requirements might then be required of data center–related areas, with the strongest being reserved for the computer room proper. Beefing up this authentication process could involve man traps (or something less dramatic, and less expensive, like a turnstile) and security guards to prevent piggybacking. In addition, video surveillance of access points is critical—if not for real-time monitoring (say, if a guard is already present), then for examination of access incidents to inform security improvements. Combined with video analytics, surveillance enables "en-

THE DATA CENTER JOURNAL | 9 www.datacenterjournal.com

Much of the focus on data center security revolves around the IT component: repelling DoS attacks, identifying and eliminating malware, thwarting remote intrusion attempts, and so on.
But physical security is just as important, if not more so. Designing reliable physical security, however, involves many of the same principles as designing reliable network security: properly isolating certain areas, controlling access to others and anticipating (and preparing for) avenues of attack.
