Streamlining access while also giving private, valuable data the security it needs: This is the balancing act which every data centre manager faces. The answer could be simpler than they think: Choosing the right electronic access control solution, integrating it and maintaining flexibility for every data centre user, visitor, customer and temporary contractor.
A breach in data security can cause severe financial damage. According to IBM’s latest “Cost of a Data Breach Report”, the average is $4.24 million (€4 million), a figure which has grown by 10% since 2020. Among European countries studied, the report finds the highest average cost in Germany: $4.89 million (€4.62 million) per breach. Healthcare is the sector where breaches are costliest, also according to the report.
For a data centre which provides co-location or managed cloud hosting services, the damage to reputation and trust could be catastrophic. Investments in these sites are often at a huge scale: The total investment at one data centre campus in London’s Docklands is expected to total £1 billion (€1.18 billion) by 2025. In other words, there is a lot at risk.
Enhanced cybersecurity is one obvious countermeasure, for both in-house enterprise centres and third-party facilities. However, compromising the physical security of servers is another route to many breaches — among the top 5 sources of initial attack, according to the IBM report.
How then can businesses avoid taking unnecessary, potentially expensive risks with servers and data? Well-chosen and correctly configured access control is part of the answer.
The importance of 3-layer access control
According to the UK’s Centre for the Protection of National Infrastructure: “Data centre operators should be able to demonstrate they have used a risk-based layered approach to security”.
“The ideal access control solution for a data centre usually demands three levels of security working together within an integrated system,” explains Lars Angelin, Aperio Business Development Manager at ASSA ABLOY Opening Solutions EMEIA.
On the outer level, perimeter security ensures only authorized personnel enter the building. Here, high-security door and gate locks can work alongside the likes of CCTV and monitored fencing. This is the first line of defence against every physical security breach.
Level 2 — room access — can be monitored and controlled with a range of access control door devices or electronic security locks. These enable monitored and filtered movement around the centre, balancing convenience and security.
The access control system should handle fine-grained access to separate rooms by user, security level or time of day or week. It must be simple for administrators to issue temporary access via a card credential or Mobile Key. Any lost credential must be cancelled easily, with a few clicks in the system software.
The third, final level of physical data security is the server rack or cabinet itself. Server rooms get a steady flow of authorized traffic: cleaners, maintenance staff and technicians, for example. Employee screening cannot be perfect — and accidents happen. Rack or cabinet locking is the last line of defence against a physical breach, malicious or accidental.
For more news updates, check out our June issue here.
Media contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
