Insight and analysis on the data center space from industry thought leaders.
Rethinking Physical Data Center Security in the Digital Age
With digital and physical data center security closely intertwined, are fobs and key cards enough?
November 16, 2023
In a time when cybersecurity assaults are seen as one of the biggest threats to business, it can be easy to inadvertently deprioritize the physical security of the data center, the heart of most organizations’ digital operations.
Such oversights can lead to costly mistakes, as physical attacks can be just as damaging – if not more so – than cybersecurity attacks. In both cases, the result can be theft, property destruction, and the loss of vital information.
While the focus on cybersecurity attacks is justified, we mustn ’t overlook the fact that an estimated one in 10 occur through physical security compromise. The same research finds that physical security compromises account for a higher percentage of data breaches than email phishing, malicious insiders, or lost devices.
Targeted Attacks
While data servers often have cybersecurity systems and tools in place to prevent data breaches, the security of physical servers hasn’t always received the same high level of attention. However, this is changing, with malicious targeting of physical data centers emerging as an unfortunate new development.
Perhaps the most prominent example of this occurred in 2021, when a man was charged with plotting to blow up an Amazon data center in Virginia. Had he been successful, not only could this have endangered the lives of Amazon workers, but it could also have potentially taken down wide swaths of the internet that depend on AWS for its cloud infrastructure.
Plotting the full-scale destruction of a data center might seem like an extreme example, but physical security breaches can result in other forms of compromise, including unauthorized server room access, downloading malware directly onto a physical server, or theft or damage of hard drives. In this sense, digital security and physical security are inextricably linked.
Against this backdrop, data center managers need to consider new ways to protect the physical security of spaces where data and applications are kept. They must consider if the methods they’ve traditionally relied upon, such as fobs and keycards, are still sufficient. The fact is that fobs and keycards aren’t perfect, foolproof systems as they are not bound to an individual. They can easily be lost, stolen, or borrowed, allowing access to unauthorized individuals.
Fresh Approaches to Authentication
These challenges can be readily overcome with the use of more modern tools like biometrics – or the measurement and use of certain physiological characteristics like face, voice, and fingerprints. Using biometric authentication can get an organization to the next level of data center security that goes beyond traditional fobs and keycards.
There are some key questions that data center managers should consider when evaluating if biometrics is right for them. For example, will using biometrics enable greater operational efficiency? An excellent example is high-security data centers that will no longer need a security guard 24/7 to ensure the identity of a person entering the data center. This can be highly effective during off hours, but still provides the flexibility to add staff if you are worried about high traffic times. The opportunity to save money in this instance can be substantial.
Something else to consider: are more advanced forms of security necessary for compliance? Depending on your industry sector, the answer may be yes. In the government sector, for example, new compliance regulations mean that some federal contractors may no longer be eligible to receive a government contract if they don’t have a beefed-up, fully modernized physical data center security system in place.
It used to be that only large companies could offer biometrics because they were expensive and time-consuming to implement, often requiring an overhaul of existing infrastructures. Today, however, this is changing as biometric capabilities are now available in a cloud-based SaaS model, also known as Biometrics-as-a-Service (BaaS). Any size organization can now use biometrics as part of their physical data center security system – whether it’s a small organization securing a single door, office, or closet, or a global enterprise with multiple data centers.
Biometrics in Data Centers: What You Need to Know
Here’s what you need to know about incorporating biometrics to create an ultra-modern physical data center security system:
First, and perhaps the best news, is that in many cases organizations don’t have to add new infrastructure (like cameras or readers) or replace existing infrastructure; they can leverage the equipment they already have along with the bring-your-own-device (BYOD) trend.
Biometrics combined with BYOD automatically offers superior security levels associated with multi-factor authentication (MFA). In this case, something a person has (their device) is being combined with something he or she is (face, voice, or fingerprint), so biometrics with BYOD can replace fobs and keycards entirely.
Second, with biometrics, organizations can determine and set access requirements based on risk assessment. The higher the risk and the more security that is required, the more stringent and thorough the authentication measures need to be.
Third, today’s biometrics are equipped with ‘liveness detection,’ which makes the chances of subverting biometric-based systems nearly impossible.
It’s clear that threats to the data center are no longer just cyber-driven. The overriding focus on digital attacks, plus the rise of the public cloud, often leads many data center managers to view physical data center security as less of a concern. But with the ongoing need for on-site servers and private clouds – especially in industries with strict compliance mandates – and an escalating threat environment, it is vital to focus equally on physical data center security.
For many organizations, biometrics can be the key to getting your data center to this important next level.
About the Author
You May Also Like