Many businesses today choose to secure their data in colocation data centers. Colocation data centers offer a favorable alternative for many businesses that either do not have the financial or human resources to host their own data centers and offer a commitment to cost and reliability.
However, shared access to critical infrastructure offers its own set of challenges. In this post, I argue that to ensure sensitive information is secured in a shared space, it’s critical not just to focus on the perimeter, but also adopt strong physical security measures at the rack level.
Threats from Within
These days, most data centers are built like Fort Knox. With extensive perimeter security measures the risk of an outsider gaining access to a data center, much less a specific rack, is very small. That’s why any data center operator will tell you that the greatest risk they face is a security breach from within. It’s worth mentioning also that a sizable portion of security breaches are accidental. In fact, 9% to 18% of total data breaches are attributed to accidental unauthorized access. This costs the data center industry around $400 billion annually.
The need for physical security measures at the rack level is critical to mitigate the risk of data breach. It’s important for these measures to offer a complete audit trail by providing a record of who’s gained access and when. The challenge the industry faces is that even with traditional card based security systems, there is a lack of certainty with who has actually gained access to sensitive information.
Biometrics for Cabinet Security
Biometrics for security isn't something that is new to the data center industry. However, they face a unique set of a challenges when adopting new solutions. Many of the partners that we work with at BioConnect have stressed to me the importance of dual-factor authentication. When you add biometrics to the mix, you're providing a much stronger authentication because the identity is unique to the person. Here are the things that you need to consider when looking at cabinet lock solutions.
Regulatory boards like PCI DSS and HIPPA are trending towards making multi-factor authentication a standard for physical security measures. As the data center looks to improve their security infrastructure they will often adopt technologies to insulate themselves against future compliance requirements.
From a sales standpoint, data centers are always looking for ways to differentiate themselves. Using biometrics at the rack level can position you as a forward-looking data center that is prepared to cater to customers requiring a variety of compliance regulations. This is especially prevalent for customers in the financial or healthcare industries where PCI and HIPPA are most prevalent.
3. Audit Trail
Providing a clear report of access events is paramount for the colocation data center. Not only do biometrically enabled cabinet solutions help address compliance regulations but they also provide absolute certainty into access events.
If you’d like to learn more about biometric cabinet security and the potential impact of insider threats, be sure to check out our new whitepaper, "Data Center Security: Why PINS and Cards Aren't Helping You Pass Your Data Center Security Audits."