Physical security for data centres is just as important as cyber security, asserted Patrick Lim, director of sales and marketing of Ademco Security Group.
Physical security is the protection of hardware, software, networks and data from physical events that are detrimental to an organisation such as natural disasters and theft.
As exemplified by the incident where Edward Snowden leaked the documents belonging to the U.S National Security Agency, insider threats can damage an organisation's brand reputation and affect its business continuity. Since data is the life of organisations today, it is of utmost importance that the data centre used to store data is as secure as possible, said Lim. He added that the first step of preventing data leaks from insiders is to have in place physical security measures. Some of these measures include having turnstiles requiring users to tap their access cards to enter the data centre; lifts that will bring the users to the floors they are authorised to visit; and biometric verification systems at doors.
When asked about the ideal number of layers of physical security that a data centre should have, Lim revealed that it is dependent on the business needs. For instance, a bank would require more layers of physical security and more advanced solutions (such as iris recognition) in its data centre as compared to a media company due to the sensitivity and importance of its data.
Lim pointed out that while having many layers of physical security does help to secure a data centre, it is more important that the solutions are integrated. "Fragmented solutions will only impede the efficiency of physical security of a data centre," he said. This means that all the security systems - be it security cameras, biometric verification systems or elevator controller systems - must be connected to the main security system.
New physical security solution
Today, more consumers are demanding physical security solutions to be as close to sensitive equipments as possible. To address this need, Ademco recently rolled out a rack security solution. Integrated to the main security system, the solution will only allow authorised personnel to gain access to the racks, said Lim. This solution will benefit third party data centre providers —which houses data centre equipments from different organisations/customers — as it provides assurance to their customers that no unauthorised individual will have physical access to their servers and data.
Sign up for CIO Asia eNewsletters.