Physical security is as much about securing possible ingress points as the processes and procedures build around access control. Installing secure doors with anti-pass back and anti-tailgating is essential in a modern secure facility. A relatively straightforward solution is to use portal doors combined with a card key and/or biometrics.
Physical Security
More difficult are areas that require special consideration such as windows, emergency exits and loading bay access. Windows should never be present in any computer room or data centre as they lead to heat gain and present a potential un-intended ingress point, however where fitted, they must be secure.
Emergency exits are often of the ‘push bar to open type' or a press button to release the magnetic lock and in both cases, these doors should be alarmed. The computer room or data centre may have ‘portal door' access, but if an operator, contractor or third party engineer can easily open an emergency exit, security will be breached.
Providing access for larger equipment, whether during the initial fit-out or for future installation of large and heavy tape storage devices or SAN’s, is necessary but has inherent problems. Portal doors are out of the question leaving standard wide doors the only solution. Access through these doors must be carefully controlled with only the security team having access through these routes.
Management
Also to be considered is managing the access system itself. New starters and leavers must be added to the system and their biometric data logged if such a system is used. Adding new users is not usually the issue. It's deleting leavers' details that can easily get overlooked. Temporary visitor access can also be an issue if not carefully managed.
As an aside, most card access systems require an ‘end-date' for all staff entered onto the system. Don't choose 31st December! If the dates are not changed before the expiry date, getting in to work on 2nd January will be problematic! Not to mention support staff access who may need to fix a fault over the New Year holiday! Choose a mid-week day so that if the worst happens there are people around to update the system.
Standards
There are emerging standards for data centre and computer room access, namely ISO27001 (BS7799 or ISO17799) that are helping to establish process and audit trails within the data centre which cannot come soon enough.
Having a secure facility is highly important. Many data centre and computer room security breaches are ‘an inside job' and this must also be given serious consideration in designing the physical security.
Migration Solutions operates computer rooms and data centres for its clients. With this knowledge our consultants can ensure that from design stage we deliver secure and operationally efficient facilities with the above aspects considered - and more.