New security technologies tighten data center access control

When assessing data center physical security, managers break it down into various protection perimeters, or what Ted Martin, vice president of operations at data center colocation firm Digital Realty Trust (DRT), calls "circles of engagement." These three circles encompass the exterior of the facility, which has the greatest access; common areas inside the facility where some people have access; and the data core, which has the least amount of access.

To protect these areas, the most widely used access control technologies are smart cards and Internet Protocol (IP)-based cameras -- with biometric readers quickly becoming more commonplace as well.

Smart cards getting smarter
ID cards with embedded technologies offer a simple solution for access control and provide a high level of protection. At DRT, to gain access into the building and common areas, clients swipe their cards and their pictures come up on a screen. Security then verifies the clients' identities. These cards can also be programmed for biometrics.

Denver-based data center hosting company Latisys has incorporated biometrics into its clients' cards, and clients have their handprints scanned into their cards and can only gain access to the building by scanning handprint readers on the door. To access the data core, clients swipe their cards, which then lights up a biometric reader. The client's hand has to match to gain entry.

DRT offers a biometrics option for its clients

Requires Free Membership to View

into its data center core. Martin suggests using the finger readers, as they seem to be inexpensive and the least problematic as compared with others.

Noel Rojas, senior vice president of corporate security Terremark, likes the simplicity in adding or deleting access to the cards. Unlike keys in the past, Rojas says you don't have to worry about former employees, as their cards can be deactivated.

Rojas warned there are costs and labor associated with the implementation of biometrics on these cards. Each ready-access card costs $10 to $15, and there is a whole process involved on the front end with programming the cards with the client's biometric information into the system.

However, the biometrics add an additional level of security. "We have never had a security breech -- knock on wood," said Corey Needles, data center manager at Latisys. "And I do believe it does deter [breeches] with biometrics in place."

IP cameras
Just like smart cards, IP cameras can be programmed to do many functions and, just as importantly, work with other security technologies. For example, if someone swipes in with a smart card, a camera in that area can then zoom in on that particular door and show that picture in the network operations center (NOC). Martin keeps the data information that is recorded on his cameras for 90 days in case a report incident happens.

For access to all data center floor space and network "meet me" rooms, Latisys uses a combination of digital camera, card and biometric scanners. Upon arrival to Latisys' facilities, clients must contact the NOC in order to gain access to the secured "man-trap" area. They require three-factor authentication with a photo ID to proceed past the man trap, authenticated card and biometric hand scan to gain access to the data center.

Along with the increased surveillance IP cameras provide, they are easy to install. "Nowadays the IP-camera systems are much more flexible," said Needles. Gone are the days of dealing with coaxial cables and having to run them through a facility's infrastructure.

When is it time to upgrade access control security?
In approaching the job of physical security, managers not only rely on their own experience, but their clients' requirements and the technologies that are available. Clients such as government bodies will bring their own set of expectations to the table, Needles said.

He explained that in order to get the business, data centers have to be willing to implement specific security measures. Martin also sees this with his company's clients. "Security is a critical requirement for most of our customers, and that we meet certain standards," says Martin.

In terms of looking at new technologies, Needles says his company updates security technology every year to eighteen months, and when the company is building out new facilities.

What did you think of this feature? Write to SearchDataCenter.com's Matt Stansberry about your data center concerns at  mstansberry@techtarget.com.\

This was first published in December 2009

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.