Data Center Security

Physical controls are a crucial part of creating a secure environment


A data center is a production facility and central repository that is used specifically for storing an organization’s “crown jewels” — which in IT terms translates to application systems, mainframes, communication networks and huge quantities of data archiving systems. A Tier 1-type data center can occupy one room of a building containing only a few servers; on the other hand, an enterprise-class, Tier 4-type of mission-critical facility may take up an entire building with thousands of servers.

Physical security is a crucial part of the defense strategy of the data center to ensure a secure environment. Most organizations do not have the luxury or the financial depth to locate their data center hundreds of feet below a granite mountain with a complete infrastructure to support it. Enterprise-class data centers (this article’s focus) are often free-standing facilities, which present unique challenges for physical security design.

The Planning Phase

During the design or planning stages of a mission-critical facility, every potential threat must be identified and the cost to protect it evaluated. The design team should analyze the use and operation of the facility and identify the different user groups and departments, and, in some cases, vendor and third-party groups working within secured areas in an attempt to physically separate them. The physical security design should incorporate a multi-layered approach. A complete security assessment must also include a survey of the geographical location of the facility, along with the assessment of the crime statistics for the area.

Fortunately, most organizations have the foresight to locate their facility away from large urban areas, away from high crime and traffic, and away from potential high-profile terrorist targets. Ideally, these types of facilities should be located on a large, open space that would allow for a large buffer zone between the building and public areas such as roads, sidewalks and parking areas. Where proper buffer zones are not achievable, enhancing the structural building design for blast-mitigation may become a factor in the building’s design process.

Recent world events may also require some consideration for hardening the facility against electromagnetic pulses (EMP). Hardening a facility against EMP and blast-mitigation can have a significant impact on the construction budget; however, retrofitting this type of protection after the facility has been built is considerably more expensive.

Perimeter and Outer Layer of Security

Use of around-the-clock security personnel for monitoring and controlling access to the site should be part of the early stages of construction even before the foundations are excavated. Early establishment of the perimeter and the outer layer of security through the use of barriers or fences can reduce the chance of random vandalism. Part of the outer layer of security should include a perimeter intrusion monitoring solution. This type of solution — which may be integrated with the facility’s access control and alarm monitoring system — could include fence-mounted sensors, a volumetric system or even video technology based on a virtual perimeter.

Fence-mounted sensors typically consist of special coaxial or fiber optic cables that are used for detecting an intruder cutting, climbing or lifting the fence fabric. Volumetric sensors may be totally covert and will attract less attention since they do not require a physical barrier such as a fence to operate. They generate an invisible detection field that locates an intruder moving through that field. One such technology uses buried sensor cables which generate an invisible magnetic field. Other volumetric sensors which are less covert and require above-ground installations are microwave and infrared beam detector systems.

This content continues onto the next page...