One of the most challenging aspects of operating a data center is ensuring that people who need access can get it while simultaneously keeping unauthorized parties out.
Traditionally, delivering that type of physical security was hard. It amounted to using keys and access cards to manage entry into data center facilities. Those approaches were inefficient and difficult to scale.
Today, a new type of solution — biometrics — is transforming the way that data center operators secure and monitor their facilities. Biometrics provides opportunities to bring a new level of efficiency to data centers. Here's a look at the state of biometrics monitoring inside data centers, including its advantages and challenges.
- What Is Biometric Monitoring in Data Centers?
- Advantages of Biometric Monitoring for Data Centers
- Biometric Monitoring Challenges
- Who's Using Biometrics in Data Centers?
What Is Biometric Monitoring in Data Centers?
In data centers, biometric monitoring is the use of devices that collect biometric data — such as facial scanners, fingerprint readers, and body temperature sensors — to help manage data center facilities.
Biometric monitoring can replace other forms of monitoring, such as keeping track of who is present in a data center facility via manual tracking of video feeds. In addition, biometric sensors can function as access control devices, making it possible for data center operators to allow or deny access to their facilities — or to specific equipment within them — based on the biometric identity of users.
Advantages of Biometric Monitoring for Data Centers
Compared with other forms of monitoring and access control, biometric monitoring offers a number of important advantages:
- Reliability: Biometric monitoring devices are harder to trick than other types of devices. For example, to bypass the security controls of an entry device that requires users to swipe a keycard, malicious actors could simply steal the card of a legitimate user. But it's virtually impossible for them to pose as legitimate users if the device instead scans their faces or reads their fingerprints.
- Simplified administration: Since biometric sensors don't require users to be provisioned with access cards or other materials ahead of time, they are easier to administer. Data center operators can update access control policies for individual users whenever they want, without having to distribute any access tokens to the users.
- Low risk of user error: Along similar lines, biometric monitoring doesn't require users to remember any codes or carry any physical objects with them. The risk that they'll be denied entry due to mistakes on their end is low.
- Multiple authentication factors: Biometric monitoring makes it easy to configure multiple authentication factors to enhance security. For example, each user could be authenticated based on both a fingerprint and a retina scan. Multifactor authentication is more difficult with conventional access control devices, like card readers, which are typically designed to validate users based on just one type of factor.
In short, biometric monitoring can make the processes of authenticating and monitoring users within data centers more efficient — and, by extension, easier to scale, because there is less manual effort required on the part of data center operators to set up and manage the solutions.
Biometric Monitoring Challenges
On the other hand, there are some potential challenges for data center operators to be aware of when using biometric monitoring.
Perhaps the biggest is the risk of inaccuracy in biometric sensor readings. Failing or poorly configured devices might not collect or interpret biometric data properly, leading them to deny entry to legitimate users — or, worse, grant entry to ones who shouldn't receive it. This is why it's important to have fallback systems in place. You don't want to discover during a crisis that your engineers can't access your data center due to access control problems — a fate encountered by Facebook during a major 2021 outage (biometric access wasn't the issue in that incident, but it nonetheless highlights the risk of access control systems that don't allow access to legitimate users when they need it).
There are also data security and privacy issues at stake in biometric monitoring. Collecting highly personal data about individual users could expose data center operators to compliance requirements in certain regions because regulators may view that data as personally identifiable information (PII).
Initial setup of biometric monitoring systems may pose a challenge, too. Although the systems operate relatively autonomously once they are configured and populated with the information they need to recognize legitimate users, collecting fingerprints, facial scans, or other types of biometric information from users so that sensors can recognize them can be an effort-intensive endeavor. It's important not to underestimate the complexity of rolling out biometric monitoring systems inside your data center.
Finally, although in theory biometric monitoring systems are easy to manage and update once they have been set up, lack of integration with access control systems and a reliance on non-standardized hardware can make biometric sensors difficult to manage at scale. The solution here is to ensure that you choose a biometrics solution that is not subject to these limitations.
Who's Using Biometrics in Data Centers?
Despite the challenges, biometric monitoring systems are already seeing adoption inside data centers.
QTS turned to biometric readers to help simplify remote management of data center access during the COVID-19 pandemic, for example. Equinix likewise says that it uses biometrics to help secure physical access to its facilities. And a variety of security device vendors now offer biometric readers that can secure not just data center perimeters, but also manage access to individual server racks or other parts of a data center.
These trends don't mean that conventional monitoring and access control systems are likely to disappear from data centers anytime soon. But they do suggest that the trend is toward biometrics, which make it possible to achieve tighter data center security with less effort and fewer resources.