Data centre security is a big issue: especially for co-location centres hosting multiple racks for multiple, often competing, clients. Given the number of people passing through a data centre on a near daily basis, poor rack level security creates unnecessary risk.   Rack security While the government, banks and police authorities now demand Intrusion Level 3, 4 and even 5 for anti-terrorist systems, the vast majority of data centre environments are failing to impose adequate controls over physical access to individual data centre racks.   Most co-location centres rely on the use of locked cages to separate the IT equipment of each client. But how robust is this model?  What happens when an engineer requires access to a server or rack?  Simply unlocking the cage provides access to the entire suite.  If a problem arises, how can the data centre manager determine the what, when and who?   Change control
At best, racks are secured only with standard handles using a manual key which can be easily broken or bypassed.  These locks provide minimal protection and standard keys are really not practical: key management is time-consuming and the risk of loss is high.   Instead, organisations can deploy network enabled electronic key pads that can be opened remotely or via HID proximity code access.  The model is inherently flexible; enabling organisations to impose the diverse control levels that reflect the different risk or data value of either client or specific rack. At the simplest level, cards can be configured for specific periods of time i.e. to cover the visit of an engineer.  At a higher level, where two people are required to access the rack, the rack will only unlock with two approved access cards presented simultaneously.  The system will automatically raise an alert to security if the doors are opened without approval or if doors are left open and not locked after the engineer has completed the work.   To create an even more robust model, access can be linked to the change control system: no rack can be opened unless the correct change control request has been made and authorisation received.  Indeed, in some cases organisations do not even permit the co-location provider to enter the racks and undertake any work without change control in place – if access is required a request is made via telephone and a change control issued for a specific time of day/ individual and the door is opened remotely.   Cost benefits
In addition, rack level security releases a significant amount of space.  Typically most co-location centres use cages to provide separation between client installations but, in addition to being unattractive, these cages take up a lot of space that could be generating additional revenue.   Opting for rack level security creates a more flexible data centre model that enables co-location providers to be far more agile in the way racks are reallocated to new business.  Furthermore, combining network enabled security with video surveillance reduces the costs associated with physical security guards. To find out more about Room & Rack security, click here.   Guest blog by Jason Preston, Director, 2bm Ltd T: 0115 925 6000 E: info@2bm.co.uk www.2bm.co.uk