As the global population continues to grow and society accesses the internet like never before, it's important to understand that we are in the midst of a key shift into the data economy. To deal with the change, many small- to mid-sized businesses are adopting cloud infrastructure.
When considering the move to a colocated data center, there are many considerations to take. How are you going to be able to protect your mission critical systems? The protection of hardware, networks, and data from events that could cause serious losses or damage to clients of colocation data centers is critical when it comes to implementing physical security strategies.
Protecting in Layers
From the front door to each individual server cabinet, layers of security are going to be the most important piece to maintaining a secure and reliable colocation data center. What does it mean to protect in layers? Layers of security ensure that anyone trying to access the core of the data center has passed through multiple check points to verify their identity and access restrictions. Layering creates depth in physical protection helping to confirm that failure in one element in the system will not create vulnerability in the system as a whole.
There are three main areas of a data center that need to be properly secured, it starts with the main entrance, the area that separates the visitors from the building staff, followed by the entrance to the data floor. Entrance at this layer is extremely important – it is the checkpoint that separates visitors from the main area to the critical data area. Access here usually consists of a turnstile that only allows one visitor through at a single time. Lastly, there is each individual data rack. This is the final checkpoint – once someone has access to the data floor, it is critical that they can only access authorized equipment. Assuming all other layers of security are implemented, access to server cabinets and the data they contain should be restricted to authorized personnel. Typically, customer racks will have lockable front and rear doors, protected with cards and/or keys.
This type of security is fine for some customers, but what about those who are looking to add an additional layer of protection? Companies that wish to limit access to their cabinets should turn to biometrics as a more secure solution as opposed to keys, cards, fobs, and pins. These biometrics can be used in conjunction with current methods creating a true multi-factor authentication system, ensuring only those allocated are able to access data cabinets.
Malicious attacks are usually the most costly type of data center breach. In fact, up to 52 percent of data breaches are the result of a malicious or criminal attack.
With authentication measures based on keys/pins – how do you know that the person with access, is the one who accessed the sensitive data?
BioConnect developed CabinetShield to address both compliance and customer security requirements with dual-factor authentication (ﬁngerprint + card) to secure server cabinets.
Although previously considered too expensive for most data center-based installations, the falling costs of biometric technology over the last few years has meant that fingerprint security at the cabinet level has become a cost-effective reality.
Given the ever-present risk of data breaches, the need for physical security at the rack level becomes critical. Not only must these security measures maximize cost efficiencies for data center customers, while barring access to unwanted intruders, but they must also deliver a complete audit trail, providing a clear overview of access and highlighting anything irregular or suspect to those with the power to act.
Biometric authentication has succeeded where physical cards/tokens have fallen short. By using an individual’s unique biometric characteristics, the data center and their customers have been able to reduce administrative burdens while providing absolute certainty of identity at perimeter, man-trap and data hall access points.
This blog was originally posted on the vXchnge blog, here: https://www.vxchnge.com/blog/dual-authentication-with-biometrics