Share your valuable feedback, comments or suggestions on Data Center Physical Security
Data Center Physical Security
A decade ago servers were more vulnerable to physical attacks than remote attacks. The physical attacks are far more devasting, held by malicious local users, vandals or thieves. As they are very rare in office settings, hence does not divert much attention. Most system administrators are focussed on DDoS (Denial of Services) attacks, where attacker maliciously renders a server inoperable denying services to legitimate users. The data centers primitively disconnect wires, unplug network or reboot servers.
The data center or network operation center (NOC) housing servers apply various physical security measures and incorporate policies. Their employees bind to these policies by employee-contract which contain rules, regulations, and information to company rights if they get violated. This creates boundary and trust and enables the employees to perform their duties freely without being questioned. As they get aware of their roles and restrictions. The NOCs often install and setup 24×7 surveillance using cameras.
Data Center Physical Security Measures at NOCs
- Proper locks on doors: No one can enter without a smart card or biometrics authentication scan which do not get tampered easily by an intruder. The auditors of data center ensure that no unauthorized persons had access to your sensitive digital infrastructure. The audit trail kept for comings and goings.
- Encryption and detection safeguards to ensure the integrity of rack-level security protections and audit systems. The Real-time alerting/alarming to notify appropriate parties of events requiring immediate attention.
- Remotely administered Electronic Enclosure Locks mapping proper permission between a right person and system using enterprise security policy or ad hoc administration.
- Escalating regulatory requirements – such as HIPAA, SOX, PCI DSS 3.2, and SSAE 16, requiring sensitive systems and data be subject to their specific protections.
- Allow only trusted and authenticated users to access specific cabinets, with correct rights to the specific area. Thus reducing human errors or internal threats.
- Secured Cabinets: Keep secondary storage or backups in metal Almera or on a remote location on the cloud.
- Tainted glasses which allow only a person sitting inside to view outside but for a person outside it appears a mirror.
- In-rack cameras which automatically captures live video and photos tagged with relevant data (time, date, user ID, system data, actions, etc.) for audit documentation and forensics.
- Mostly NOCs are located on higher floors, generally not on ground floor.