What procedures should data centre leaders have in place to ensure their facilities are physically secure?

What procedures should data centre leaders have in place to ensure their facilities are physically secure?

Genetec, a leading technology provider of unified security, public safety, operations and business intelligence solutions, has announced that Seagate Technology Holdings, a world leader in data storage and enterprise storage systems, has deployed Genetec Security Center to secure its global campuses and regional offices.

At the heart of this large-scale global deployment is the Genetec unified security platform which includes Security Center, Genetec Omnicast IP video management system (VMS) to manage more than 1,150 cameras, Genetec Synergis IP access control system (ACS) to manage more than 22,000 card holders, Sipelia to manage communications between intercoms and security operation, and Seagate’s own high-efficiency, high-performance Exos X 5U84 mass capacity storage system. All sites are connected using the Genetec Security Center Federation feature to centralise monitoring, reporting and alarm management across the entire organisation.

The solution enables Seagate to pull in up to 1.3 petabytes of high-definition video in a single disk enclosure from hundreds of cameras and other IoT devices without losing a single frame or data packet.

“Video, and especially multi-source, high-definition video, provides a stringent performance test for any storage solution,” said Ken Claffey, Senior Vice President and General Manager of Enterprise Storage Systems at Seagate. “Likewise, the data availability expectation of a robust, unified security platform like Genetec Security Center is formidable. The sheer volume of high-definition video streams, frames and metadata coupled with increasingly long retention periods, represent one of the most challenging IT infrastructures to deploy.”

This enterprise scale deployment provides a clear blueprint for a state-of-the-art, unified, high-performance physical security environment for modern, large-scale facilities.

“Enterprises with global campuses and data centre environments have mission critical requirements and securing a growing number of assets across huge facilities while staying ahead of emerging threats is increasingly challenging,” said Christian Morin, Vice President of Product Groups at Genetec. “Through our partnership with Seagate, this enterprise scale deployment provides a great example of how enterprises can implement a holistic approach to security that encompasses physical and cybersecurity, while ensuring compliance with fast-changing regulatory mandates.”

Tormod Ree, CEO of Ava Security: “Businesses and organisations across industries are shifting more towards the cloud, making data centres even more attractive targets. A recent survey from Ava Security revealed that 79% of US firms and 51% of UK companies have already accelerated their cloud migration plans. Data centres typically face sophisticated criminals, utilising a combination of physical and cyberattack vectors, as well as having to adhere to various regulatory compliance demands. A unified approach across both physical and cybersecurity that offers operational insights and is flexible, efficient and intelligent is the key to solving these challenges and keeping data centres safe.

“Anyone, from the IT Director and Security Manager to the Compliance or Operations Managers of a data centre provider, can benefit from a centralised security system that unifies video and cybersecurity, access control, operational insights from environmental sensors and compliance rules.

“Today’s data centres should deploy a solution that can monitor video surveillance footage proactively, manage access control events, perform license plate recognition and detect unusual sounds to mitigate security threats before it’s too late. This video management system should be able to leverage Machine Learning to understand perimeters and behaviours, perform anomaly detection and identify and track people of interest, vehicles and other objects to send instant alerts.

“The security system should be protected from cyberattacks with automatic updates of the software from the cloud, end-to-end encrypted data and metadata. To maintain uninterrupted operations and peak efficiency, it’s essential that the security solution includes an overview of data from sensors that allow keeping track of temperature, air quality and humidity sensors across the facilities.

“For compliance, data centre providers’ IT and security teams should be able to have secure remote access to the system and share footage and events with relevant stakeholders and auditors securely.

“A video security system like Ava Cloud Video Security integrates with existing security cameras, access control systems, dashboards, monitoring systems, sensors and APIs to get more value and visibility in a single view. It extends the same real-time anomaly detection, proactive notifications and smart search capabilities of Ava Aware Cloud across an entire deployment with one interface for direct cloud-connected Ava devices and existing on-premises cameras. It also includes Two-Factor Authentication (2FA) and Single Sign-On (SSO) for seamless authentication and authorisation.”

Nick Smith, Business Development Manager at Genetec: “Data centres are vital to the success of many enterprises. However, their critical role and the value of the data they hold also makes them an attractive target for attacks, both cyber and physical.

“As more and more businesses experience security breaches, the wave of compromised data is on the rise. Some are caused by weaknesses in an organisation’s virtual perimeter. For instance, when hackers exploit software vulnerabilities to gain access to a connected system from the outside. Others rely on a breach of a physical perimeter, such as when a visitor or employee enters the facility to connect a rogue device.

“In fact, IT leaders and data centre employees were surveyed about data risk and a staggering 75% believe that employees have put data at risk intentionally. To keep up with the evolving threat landscape, physical security teams must develop a coherent and proportionate strategy that is supported by effective governance structures.

Take a layered approach

“It is essential that security personnel do not put too much reliance on any one sensor or analytic to detect unwanted intruders. Instead, they should build out a layered approach to perimeter security that ensures all is not lost should one method fail. Biometrics, LiDAR, video surveillance and fencing are just some of the detection technologies that can be combined as part of a comprehensive plan to discourage and identify intruders. A layered approach will not only improve response time but minimise the risk of breaches going undetected. They also reduce false and nuisance alarm issues as personnel have eyes on the scene before choosing how to respond.

Centralise security and operation

“As the threat landscape evolves, security personnel need greater situational awareness and a better understanding of what is happening in their ecosystem. That is why operators should invest in and rely upon a scalable unified system.

“A unified system combines information from all available sensors to provide greater awareness to operators. This not only means showing video feeds when alerts are triggered by the access control system, but also being able to see data from all related sensors in a single click, from anywhere in the system. There are many ways in which a unified security platform can enhance security and streamline compliance operations. For example, by making it easier to set expiry times for contractor passes or by automating the generation and sharing of audit reports so that any irregular activity is quickly brought to light.”

Ettiene van der Watt, Regional Director, Axis Communications MEA: “Data centres have become part of a nation’s critical infrastructure and any disruption to them can have severe consequences. Their critical role and the value of the data they hold also makes them a target for attacks, both cyber and physical. With data now recognised as one of the world’s most valuable commodities, cybercriminals are investing in more sophisticated methods of attack. However, many cyberattacks often start with physical access. Whether deliberate via disgruntled employees or those coerced into helping criminals, the easiest way into the server racks is via someone with physical access.

“In addition to the value of the data itself, the disruption to business and society that would be caused by affecting or even halting the data centre’s operation makes them an attractive target for terrorists or activists. An integrated, layered approach to security to mitigate against internal and external threats is essential, starting beyond the data centre’s perimeter and extending through to the server room.

  • IP surveillance solution: Monitoring the airspace above and around a data centre through drone detection is critical. The scale of a data centre can also mean a lengthy physical perimeter open to physical breach. Network video, thermal cameras and analytics can cover the entire site perimeter and alert a response. Official site entrances and exits also need monitoring and protection. Network video surveillance combined with technologies such as license plate recognition can ensure that only those authorised enter the site.
  • Premises and site: Within the site itself, radar is a valuable complementary technology to traditional video surveillance in tracking people and moving objects across open spaces and large sites. Being less sensitive to things that might trigger false alarms in other surveillance technologies – such as moving shadows or light beams, small animals, raindrops or insects, wind and bad weather – radar is particularly useful in maximising limited physical security resources. Again, combined with network audio, warning people that they might be entering a prohibited zone can be an effective way to manage security remotely.
  • Access control: Preventing unauthorised access to buildings is one of the most critical security requirements for data centres. Modern and increasingly ‘frictionless’ access control can include video verification in addition to access credentials through cards or even mobile phones and can be configured to only give specific individuals access to those buildings and areas within them for which they have authorisation. Cameras and connected sensors can also ensure the security of buildings, safety of those within and operations of the data centre.
  • Server room and racks: The place where the ‘crown jewels’ are kept, access to the server room and racks themselves are seen as the ultimate goal. Physical access to a server itself would allow for the implanting of malware or spyware, granting cybercriminals access and power. Securing access to server rooms and monitoring the activity within them are therefore some of the most critical areas of data centre security. In the cabinets and racks themselves, specific access control technology and video verification can be used for access, while also creating an important audit trail of individuals who have opened the cabinet.”

Sheeladitya Karmakar, Global Offering Leader, Enterprise Access, Honeywell Building Technologies: “As security professionals, we are constantly broadening the scope of what it means to keep facilities physically secure. Data centre security leaders have additional unique challenges when it comes to creating a safer environment, not only for the people who work and visit the building but also for the property (IP) and assets that they house. Data centres are looking for security solutions that leverage the latest technology and provide a layered approach to security. They want to know their assets are secure and that its security team can react quickly to new, constantly evolving security threats.

“With this approach in mind, data centre leaders should consider ‘keeping threats out’ as merely the first step towards becoming physically secure. It’s important to consider the full spectrum of the building experience – from controlling and managing access, protecting high-valued areas, to staying up-to-date and compliant on all regulations. Data centre leaders also need to consider providing reliable 24/7 protection, creating a healthier and safer environment for staff, managing risks and having the ability to respond quickly should any security or safety issue arise. New ways of accessing buildings, which include multi-modal authentication such as check-in apps via a mobile device or facial recognition, now allow companies to control access, ensure compliance and apply geo-fencing to restricted parts of a facility in order to manage the flows of visitors, vendors and employees.

“Data centre leaders know that their success relies on maintaining customer trust and reputation, so finding the right security partner is critical. Security systems should be multi-layered with logical security and strong ID management, integrate with the latest technology, including third-parties, provide advanced analytics, have maximum cybersecurity and compliance with the latest regulations, as well as remote access and monitoring capabilities. One of the key considerations is the flexibility of the security system to adapt to changing regulations/compliance – case in point – the way we occupy a building during the pandemic is different across regions.

“While traditionally, most security concerns for a building are driven by whether someone is allowed inside a facility who could be a potential security threat to the organisation, that perspective needs to evolve. Customers are no longer looking for only a physical security, access control or intruder management solution. Now, they are looking at security solutions in terms of the outcomes they want to achieve. Security leaders want to improve productivity by managing building security across different locations using the resources available to them. At the same time, they want to upgrade to solutions that can help them react to situations and incidents faster by improving their situational awareness and reducing response time.”

Browse our latest issue

Intelligent Data Centres

View Magazine Archive