Physical Security: Rack Security and Protection
December 5th, 2012 By: Industry Perspectives
Finger on the Pulse
An increasingly popular way of ensuring that only authorized personnel have access to cabinets is by using biometric technologies. These automatically measure people’s physiological or behavioral characteristics and examples include automatic fingerprint identification, iris and retina scanning, face recognition and hand geometry. The major advantage that this type of solution has over PINs or RFID cards is that it cannot be lost, transferred or stolen and is completely unique.
Although previously considered too expensive for most data center based installations, the falling costs of technology over the last few years has meant that fingerprint security at the cabinet level has become a cost effective reality – one that is becoming more and more popular.
The time taken to verify a fingerprint at the scanner is now down to a second. This is because the templates – which can be updated / polled to / from a centralized server on a regular basis – are maintained locally, and the verification process can take place whether or not a network connection is present. The enrollment process is similarly enhanced with a typical enroll involving three sample fingerprints being taken on a terminal, with the user then able to authenticate themselves from that point onwards.
This level of efficiency, cost effectiveness and all round reliability of fingerprint security means that a growing number of clients are now securing their IT resources at the cabinet level and integrating the data feed from the scanner to other forms of security such as video surveillance.
Seeing is Believing
In the event of a security breach, being able to identify the person(s) attempting to gain unauthorized access to a cabinet is extremely useful in bringing them to book. Fortunately, there are a number of tools that can help to achieve this.
Cabinets can have a video recording system installed that can either record constantly or be activated in the event of an access attempt. The system will send the data center manager an email containing a still image of the person trying to gain access. That person can then remotely access the video system and watch events unfold and, when an audio device is also used, the unauthorized person can be addressed verbally. State-of-the-art systems also allow recording devices from eight cabinets to use one network video recorder (NVR), which also makes this method of monitoring cost effective.
The use of video is a tried and tested way of tracking movements in a facility and establishing who was doing what at a particular time. Although this comes with its own independent remote software package, it can also be incorporated into a data center infrastructure management (DCIM) system. Not only can this be used to monitor, control access and designate user privileges, it can manage elements such as power usage and optimization, environmental control and fire suppression systems with one single suite of dedicated software. Some leading solutions secure password and role permissions on users to ensure the remote systems are as secure as the sites.
The threat of data theft and damage to equipment must be taken seriously – those that fail to implement a thorough multi-layered system run the risk of damaging their businesses and reputations. Rather than just being seen as metal boxes, cabinets and racks are in fact at the front line in keeping data safe and ensuring that audit trails comply with relevant legislation.
Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.
Remember that the described security systems are, in reality, nothing more than control systems. The question is have they been through a rigourous security design process? Or will we see the same type vulnerabilities appearing in these systems that we have been seeing in industrial control systems over the last two years?