Data center physical security
Security in a data center is the thin line between your personal information and the rest of the world. Physical data center security only makes up part of the picture, but it can potentially demand a larger initial investment than their software security.
The only reason why you don’t worry about this information being exposed is due to trust in affiliated companies’ data centers. And it’s not even a matter of their ethics – it’s about how physical security, among other factors, stacks up against other data centers.
Data center security layers and tiers
“Layers” of a data center are often referenced in relation to security structure. Each layer represents the security steps needed to pass through to the next layer.
Depending on who is explaining their layers, there may be a different amount, which is why there isn’t a true physical security checklist for data centers. Some organizations label their outermost layer of security “layer one” while others do the opposite.
Additionally, there are tiers of data center security, but the categorization mostly revolves around uptime. A tier 4 data center is the highest standard, only being down for 26 minutes per year. Security and uptime are both closely related, but uptime focuses on having backups for components. None of the data centers referenced in this article are less than tier 4.
Because there is no standardized format for categorizing different areas of security we will focus on the outside and move to the inside.
Location matters
The largest data center in the world is located in the mountains of Nevada for a number of reasons.
One, it’s next to a Tesla Gigafactory and Walmart Distribution Center so there is an existing high speed networking infrastructure. Other than a few large warehouses, there’s nothing around for miles. This is exactly the environment that a data center is looking for – a place away from civilization that has a strong networking infrastructure.
Two, it’s strategically located to be as efficient as possible in terms of latency and cost.
“The Switch PRIMES® are intentionally located in the most cost-effective area of each North American zone based on low or no taxes, lowest cost of power, lowest cost of connectivity, lowest costs of living and lowest risk from natural disasters.” – Switch
Lastly, they want to avoid bad weather. Being in between mountains helps break wind down, they are not near any fault lines and they are away from a hurricane threat in the ocean.
Essentially, being as remotely located as possible along with avoiding natural disaster is ideal for security. The only downside is that the location may not be attractive to talent that would prefer to live in a populated area.
Space is security
Physical security at a data center starts as far away from the actual racks as economically possible. The further away you are able to keep a risk factor, the more likely it is to control before reaching what you are protecting.
Because of this, even landscaping is taken into consideration. Trees can hide security cameras and make the data center less visible. A data center surrounded by landscaping rocks can make it difficult for someone to sneak inside. This idea goes hand in hand with the incentives to locating the data center away from potential intruders.
The occupied property starts with crash barrier fences. Switch’s fence appears to be fully concrete with bent metal at the top as an alternative to barbed wire, and stands well over 10 feet in height.
One of the reasons we can only speculate on Switch’s security features is because maintaining secrecy helps maintain an edge against threats. What can be seen from the outside is most of what we know about their security practices.
Physical security inside of a data center
Though we’ll never know the exact details of a particular data center’s security system, there are common, well known security mechanisms. Also, data centers are forced to take a similar approach when determining their security policy.
Entering a data center usually means passing through an interlocking door. This type of access control can identify the person that is entering and only allow one person in at a time. Interlocking doors use security features like biometrics, ID cards and single person sensors.
Entry points also need to be minimized in order to reduce unauthorized access. This means that they are designed to have few doors, but also windows. Many data centers don’t have windows unless they are in an area completely separated from servers.
Metal detectors are also important for reasons that you might not expect. Ofbcourse, someone carrying weapons into a facility is not good, but a more likely concern might be someone trying to leave with a hard drive. Most often, the information on data center servers is encrypted, but a stolen drive can still be a liability.
Some security mechanisms are really simple, like having enclosed server racks that lock. For servers with more sensitive information, like credit card details, you can even use a dual locking bracket. These require two different keys to be present at once in order to access the server.
Physical security is only part of the story
As you now know, Data Centers are meticulously built with every step accounting for security. According to Anixter research, every data breach costs companies around $5.5 million.
Data centers revolve around two things: Securing and distributing data. When you have near trillion dollar companies like Google who are built almost exclusively off of those services, it’s not surprising they spare no expense on security. On top of that, helping customers feel like their data is in good hands gives them a competitive advantage.
Even after the physical security effort, there is an equal amount of focus on the cybersecurity side of things. Some examples are running custom, torn down versions of Linux on servers to encrypting every piece of data.
RackSolutions’ engineers have proudly assisted the data center industry for over 20 years, providing efficient and secure solutions for their needs. If you are interested in finding high quality products to secure your IT equipment, check out our Data Center Rack Cabinet Enclosures and other related products.
