How do I implement an access control system in the data center?

Implementing an access control system improves data center security. Expert JP Callahan discusses how.

When erecting your thin wall for audit approval, do not forget to include some form of access control system, which should be used to keep an audit trail of the physical access to the space. These types of systems can be tied into the building's electronic access control system (if one exists) or it can be a standalone unit.

As a guide, the authorized access list should be restricted commensurate to the restrictions the organization places on root level server access. Access should be restricted to those individuals (plus necessary facility personnel) required to support the environmental and network infrastructure.

If the access control system is tied to the building's system, ensure there are controls in place to approve and authorize access list changes. This will negate building security administrators simply granting access because someone asks for access.

Standalone or independent systems give you more control, but add to the complexities of tasks on a usually already overburdened IT staff. However, some audit standards mandate this level of control.

Additionally, it would be worthwhile checking with the audit team to ensure their requirements are addressed in the design process. That will eliminate your discovery of something post-construction that you should have included.

ABOUT THE AUTHOR: JP Callahan is a former counter-intelligence agent with the U.S. Department of Defense and currently runs data center security for Verizon Business, the company's data center hosting arm.

This was last published in January 2007

Dig Deeper on Data center design and facilities

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchWindowsServer

SearchServerVirtualization

SearchCloudComputing

Close