Streamlining access while also giving private, valuable data the security it needs: This is the balancing act that every data centre manager faces. The answer could be simpler than they think: Choosing the right electronic access control solution, integrating it, and maintaining flexibility for every data centre user, visitor, customer, and temporary contractor.
Data security breach
A breach in data security can cause severe financial damage. According to IBM’s latest “Cost of a Data Breach Report”, the average is $4.24 million (€4 million), a figure which has grown by 10% since 2020. Among European countries studied, the report finds the highest average cost in Germany: $4.89 million (€4.62 million) per breach. Healthcare is the sector where breaches are costliest, also according to the report.
For a data centre that provides co-location or managed cloud hosting services, the damage to reputation and trust could be catastrophic. Investments in these sites are often at a huge scale: The total investment at one data centre campus in London’s Docklands is expected to total £1 billion (€1.18 billion) by 2025. In other words, there is a lot at risk.
Countermeasures to breach
Enhanced cybersecurity is a countermeasure, for enterprise centres and third-party facilities
Enhanced cybersecurity is one obvious countermeasure, for both in-house enterprise centres and third-party facilities. However, compromising the physical security of servers is another route to many breaches, among the top 5 sources of the initial attack, according to the IBM report.
How then can businesses avoid taking unnecessary, potentially expensive risks with servers and data? Well-chosen and correctly configured access control is part of the answer.
The importance of 3-layer access control
According to the UK’s Centre for the Protection of National Infrastructure, “Data centre operators should be able to demonstrate they have used a risk-based layered approach to security.”
“The ideal access control solution for a data centre usually demands three levels of security working together within an integrated system,” explains Lars Angelin, Aperio Business Development Manager at ASSA ABLOY Opening Solutions EMEIA.
Level 1
On the outer level, perimeter security ensures that only authorised personnel enter the building.
Here, high-security door and gate locks can work alongside the likes of CCTV and monitored fencing. This is the first line of defence against every physical security breach.
Level 2
The access control system must be simple for administrators to issue temporary access via a card credential or mobile key
Room access can be monitored and controlled with a range of access control door devices or electronic security locks. These enable monitored and filtered movement around the centre, balancing convenience and security.
The access control system should handle fine-grained access to separate rooms by the user, security level, or time of day or week. It must be simple for administrators to issue temporary access via a card credential or mobile key. Any lost credential must be cancelled easily, with a few clicks in the system software.
Level 3
The third, final level of physical data security is the server rack or cabinet itself. Server rooms get a steady flow of authorised traffic: cleaners, maintenance staff, and technicians, for example.
Employee screening cannot be perfect and accidents happen. Rack or cabinet locking is the last line of defence against a physical breach, malicious or accidental.
Responsive, real-time access control and data centre protection
“A whole range of Aperio wireless locking devices can provide this convenient, secure access control around a data centre,” says Angelin. Aperio technology integrates seamlessly with access and security management systems from over 100 different manufacturers, which provides data centre managers with total flexibility to choose the right device for every application.
“These locks are fast to install and to integrate. They are already trusted to secure banks, hospitals, universities, museums, and many other types of locations, all over the world,” he adds.
Filter and monitor access
KS100 Server Cabinet Lock and C100 electronic cylinder can add either offline or online, real-time access control
Battery-powered Aperio devices can secure almost any door, in any material, enabling security managers to filter and monitor access into and around their data centre. Interior door access (level 2) is made secure and convenient by deploying Aperio escutcheons, cylinders, handles, and locks as required.
Designed for the innermost layer of data security — rack level — the Aperio KS100 Server Cabinet Lock and the Aperio C100 electronic cylinder can add either offline or online, real-time access control and monitoring to the server itself. The lock integrates with almost any existing or new access control system and accepts any standard RFID credential.
Seamless integration
Turkey’s Ziraat Bank, for example, chose the KS100 to replace existing mechanical lock-and-key security with a proven solution and better secure racks at their data centre. Integration with an Armon access control system was seamless: Authorised employees continue to use the same MIFARE credentials.
“Its quality, ease of use, and seamless integration were among the reasons to choose Aperio,” says Nejat Selçuk, Datacenter Manager at Ziraat.
Wireless communication
With online integration, lock access decisions are communicated wirelessly via hubs. Events are logged with the system, so generating detailed audit trails is straightforward: Adding Aperio wireless locks speeds up incident investigation, another critical element in data security.
“When Aperio devices are integrated online with a security system, facility managers have control over their premises in real-time,” says Angelin. “They can react quickly to events, while simultaneously offering convenient access to data centre staff, authorised visitors, customers, and technicians.”