Data Centres – growing data, value and security layers

By Martin Koffijberg - Director, Business Development Banking and Finance at Axis Communications.

The digitisation of our economy and society is travelling at ‘full speed’ ahead. Almost everything we do creates data: from simply browsing the internet to shopping or working. Increasingly businesses rely on this data as central to their operations. It’s what allows us to turn cities into smart cities and improve processes or customer experience. Most of this exponentially-growing amount of data is stored and processed in data centres, which, have been growing in number as quickly as the amount of data increases.

Given large parts of our society and economy are based on data, it is often said that data is now the most valuable asset within organisations. It’s is logical, therefore, that data centres - as the place where these assets are stored - are regarded as part of a nation’s critical infrastructure. In the same way that interruption to the provision of energy, water or financial services causes widespread disruption to business and society, data centres have become attractive targets to bad actors through both physical and cyberattack.

Protecting data with physical surveillance

Given that data centres are now regarded as critical infrastructure they should be treated in a similar way when it comes to security. With data being recognized as one of the most valuable assets in our modern world, cyber criminals aren’t far away. They are developing ever more sophisticated strategies and attacks to access this sensitive information or disrupt a data centre’s operation.

While the algorithms and codes do the main damage when it comes to a data centre attack, it’s important to realise that many attacks start with physical access to server racks. It’s important to keep this human factor in mind when planning and implementing a security solution. That threat can come from a disgruntled employee or members of the staff that were coerced into helping the criminals. Thus, it’s a problem that can’t be fought with firewalls and other protective software, as the access can be gained through people with approved security credentials. But it is an aspect that can be addressed with an advanced surveillance system.

Multiple layers for maximum security - from the perimeter to the rack

The solution is to implement a layered, integrated approach to security to mitigate internal and external threats. That starts with detecting potential threats or intruders – from the perimeter to the server room – before it becomes a criminal act.

Protect perimeter, premises & sites

Protection starts far away from the actual servers, in the perimeter around the data centre. When it comes to critical infrastructure, quick response to (potential) threats is essential to prevent the worst outcomes. Therefore, they need to be detected as soon as possible. A combination of network video cameras, thermal cameras and analytics can help with that by covering a whole site perimeter. For example, aerial attacks have been emerging in the past years as drones are a popular way to gain

access to certain areas. The flying devices can be used for corporate espionage or to deliver data carriers with malware to an assistant on the inside. Thus, monitoring the airspace around the data centre is key and surveillance cameras can be a solution, as it allows for visual confirmation (e.g. distinguishing a drone from a bird). The thermal feature ensures reliable footage and detection regardless of the level of visibility as it captures images based on the heat radiating from objects and intruders. The system can also automatically alert security personnel if a physical response is necessary or – when combined with audio speakers – deliver a pre-recorded or live message to deter criminals and warn staff.

Within the site itself, radar is a useful complement to traditional video cameras. It allows the distance, size and velocity of the detected object to be calculated, by transmitting radio waves and receiving the ones that bounce back from an object in the field of detection. Radar cameras are particularly useful to secure premises due to their low sensitivity, as they reduce the number of false alarms, often triggered by light beams or shadows, small animals or raindrops. Combined with the other devices in the surveillance network it can trigger alarms or audio-messages when an intrusion was detected. A bonus is that radar cameras come at a relatively low cost and save even more security resources by minimising the number of false alarms.

Building access only for authorized personnel

Stopping potential intruders with criminal intent from accessing a building is one of the most critical security requirements for a data centre. Monitoring the official entrances to the building can be done with modern access control solutions. These grant access via codes and – increasingly – via smartphone or contactless cards. They help to secure the building and the data stored in it, while ensuring the safety for the staff and boosting operational efficiency. The system can be programmed to allow only authorized people to enter certain buildings to decrease the number of people walking in and out. Cameras and connected sensors can also ensure the security and operations of the data centres and safety of those on the inside. Should an intruder try to enter the building by smashing a window, audio sensors could detect the sound of breaking glass, shouting or other noises that indicate a break-in and trigger an alarm to support rapid action.

Secure the ‘crown jewels’: Server room & racks

The server rooms are the heart of every data centre and the most valuable target for every criminal. Not only would it allow them to easily access all the data stored within these racks, but also to implant any type of malware or spyware on the servers. Advanced access control can be used again to prevent unauthorized entering. Having additional high-resolution cameras within the room, that automatically pan, tilt and zoom , for example, when a rack door is opened, can speed the process of detecting unusual activity. Concurrently, it provides an important record of individuals who have accessed the room over a period of time.

Don’t underestimate the possibilities of physical security

With data centres being the foundation of many of our day-to-day activities, we must treat them with the same caution as we do with any other critical institution like banks, factories or utility plants. As a result, the protection of data centres and ensuring their undisturbed operation is essential. With evolving attack-strategies – both digital and physical – it’s not enough anymore to rely on only one security layer. Data centres need to make an integrated and multi-layered approach to security standards with network video surveillance, audio and analytics at the centre and must not underestimate the possibilities these physical surveillance networks provide. Because security starts on the physical side.

For those working in technology, it’s long been recognised that data centres are the backbone of the digital economy, but Coronavirus saw the industry thrust into the public eye on a much wider scale. We’ve seen data centre operators deemed to be critical workers, and witnessed debate into whether all data centres should be classed as Critical National Infrastructure. By Darren Watkins, Managing Director for VIRTUS Data Centres
A global leading data centre company has recently enlisted the support of Bryland Fire Protection Limited to design and install an engineered solution to safeguard their 1,600-rack facility in Slough.
The provision of new data centre supply is a vital component of the European data centre market, not just to ensure there is enough product to satisfy levels of demand, but to ensure that it is the right type of product aligned to changing IT strategies and practices. By James Hart, CEO at BCS (Business Critical Systems).
There is increasing pressure on data centre Operators to make their facilities as energy efficient as possible with global drive towards carbon neutrality. To support this journey Graeme Shaw, Technical Application Manager at Zumtobel, explains how lighting can not only help data centres achieve their sustainability based objectives, but also make them more safe, secure and operationally efficient.
Power and data to remote devices over single twisted pair up to 1000-metres; compact cable (18AWG) and connector format increases flexibility and ease of use; converging corporate, factory and distribution information networks increases productivity, By Stuart McKay, Panduit
There are many different working parts to an effective physical security system. By Neil Killick, Leader of Strategic Business (EMEA), Milestone Systems