Protecting your data centres with a multi-layered approach

As we rely more on internet services and technology, together with the growth of cloud, virtualization and hyperscale computing, the behind-the-scenes workhorses — our data centres that support demands and daily business operations — face persistent threats. There are many security concerns associated with the management and operations of data centres, ranging from actual physical and perimeter security threats, to virtual attacks, to the workloads that they shield.

Disruption to data centres can stop businesses and critical infrastructure from functioning altogether. In fact, the demand for data centre security solutions is seeing a surge, with requests for integrated video and audio solutions to help these facilities operate more efficiently and protect themselves from perimeter to core. The global data centre security market is estimated to grow at a compound annual growth rate (CAGR) of 17.77 per cent to reach US$21.858 billion in 2026, from US$6.958 billion in 2019.

There’s no doubt that data centre security continues to grow, and that is why a multi-layered security approach, along with a holistic security policy, is essential to protect these vital assets. A layered security approach begins with defending site perimeter, continuing to the protection of server racks from system glitches, human errors, and cyberattacks. Today, data centre digital devices are often connected to the enterprise network, communicating with storage arrays and other devices using TCP/IP. In fact, a recent Nemertes IoT study found 86.3 per cent of participants reported they used networked intelligent devices for physical security in 2021. The complexities surrounding this type of critical infrastructure requires secure, comprehensive surveillance that lets the operator monitor their premises with fewer manned patrols. Couple that with edge analytics that further elevates surveillance hardware, helping to efficiently detect and resolve incidents in all data centre elements. 

Achieving higher certainty with layers of protection

An integrated security system lets owners add layers of protection to secure their data centres. A criterion for selecting protection measures to safeguard a data centre is to consider the five layers to ease burdens: 

  • Protecting the perimeter – safeguarding data centres from unwanted intruders means that security should start at the onset, at the construction site, whether it’s for a new build or the refurbishing of a centre. While it’s being built and you don’t know who’s coming in and out, having surveillance onsite at this stage to account for protection is essential. It’s also helpful to consider surveillance during the overall design of the centre and layout of the data rooms. As for physical security of the site, solutions like thermal and visual cameras, drone detection, and radar technology combine to provide a solid defence with less false alarms. Staff who manage the facility can access smart analytics that provide automatic alerts to potential breaches, assess the situation, and respond by addressing trespassers directly via audio speakers.
  • Monitoring the entire premises – then there’s the requirement to have eyes and ears over the entire premises. To solve for this, facility owners can use radar to spot unexpected movements, then use pan, tilt, and zoom (PTZ) or even thermal cameras for better analysis. Automatic alarms can trigger pre-recorded or live audio or assist in the assignment of security patrols or police. Data centres need to be monitored vigorously, and in some cases, there are many spread across different locations. Practical and flexible surveillance can help track intruders across multiple sites from a remote location, protected by a cybersecurity strategy.
  • Centralizing surveillance – for an even better set-up in terms of efficiency and improving the operation, data centres should consider centralizing their surveillance to avoid overburdening, to achieve greater security with fewer resources. Some solutions do not require staff to be constantly present to view every video feed. Alarms and alerts let staff know when something unexpected happens at the sites. Cutting-edge video and audio analytics increase automation and reduce the need for manned patrols. Some remote device resources allow facilities to ensure that their technology is functioning correctly and that all related software is current, as well as assist to maximize uptime and reduce cybersecurity risks. Additionally, properties like compression technology can lower network bandwidth usage and reduce storage capacity needs. 
  • Surveilling server rooms and racks – protecting the perimeter and the entire premise should be done simultaneously while surveilling server rooms and racks. Within the premises, access control systems can use facial recognition, smart phone technology, and video intercom to manage entry to the centre, rooms, and even individual server racks. Access control is necessary at the front door, along with assigning individual clearance levels to staff and visitors. Staff can also secure data centres against crime and carelessness by insider threats like employees, contractors, and third-party vendors, by setting up alarms for unusual activity – for example, server rooms can be further protected with fingerprint scanners or QR codes. Motion sensors make sure that centres don’t waste time on digital storage recording of empty rooms. Internal infrastructure such as racks/cabinets can often be overlooked. Racks can be opened without authorization, or from a carelessness standpoint, rack doors can be left open, or they can be accessed at unexpected times. Using network video and audio for verification and to communicate with anyone interfering with the racks enables better care and security. Also, the amount of equipment and power inside can generate a lot of heat. Placing thermal cameras within to detect temperature anomalies in server racks or electrical panels where, if there’s a particular load that gets too high, can be picked up early.
  • Thinking long-term cybersecurity – adding to the full scope of data centre surveillance measures, without a doubt, is long-term cybersecurity. Inside interference like data breaches often succeeds by exploiting known vulnerabilities. Cameras cannot see remote theft; they are like computers at the end of the day. They are tiny servers that endanger the facility because they are devices on the network, and they have a Linux operating system. For centre owners to protect themselves from avoidable risks they need to lock things down by continually hardening cybersecurity on their devices with firmware upgrades, updates, installations, and maintenance tests. There are network video and audio solutions out there that offer encrypted communication, IP address filtering, secure boot, and signed firmware to take cybersecurity to an even higher level.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Jason Chiu
Jason Chiu
Jason Chiu is the Professional Services Group Manager with Axis Canada. He has a background in IT and networking, and has spent over 15 years in the security industry, from being an integrator, consultant and manufacturer.

Featured Download

IT World Canada in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Latest Blogs

Senior Contributor Spotlight