Fire safety in financial organisations

Issue 3 2022 Financial (Industry), Fire & Safety

As every executive in the financial industry is well aware, data and digital communications are a crucial area of security concern. But while considerable efforts go into protecting banks’ and insurers’ digital infrastructure from malicious actors such as hackers, how many executives have considered the risk of fire to their digital fortresses?

Dominic Jeff.

The security threats faced by financial institutions can generally be divided into physical and digital, with banks and other companies investing continuously to keep their security measures up to date in both arenas. However, from a fire safety point of view it is the interface of these two worlds that provides the point of greatest danger and no amount of steel or clever software can help. Indeed, both have the potential to make matters worse. This is because reliable fire detection for ICT electrical cabinets is difficult in the best of circumstances and the challenges become even greater as computing power increases and locations become more remote or hard to access.

The data that drives modern finance is physically stored and processed by banks of servers networking equipment and storage arrays staked together in cabinets where they give off a significant amount of heat as a side effect to their furious electronic activity. They are, effectively, a giant fire hazard that requires continuous cooling and monitoring. On the one hand, even the smoke from a smouldering electrical element within a data cabinet can damage many other delicate computer components. On the other hand, uncontrolled, wide-ranging shutdowns can itself have a serious effect on such crucial financial infrastructure.

Planners therefore need to find a way of offering both very early and very reliable fire detection. Whereas once financial institutions simply outsourced their ICT needs to general cloud providers, the current landscape is more complicated because many companies have increased their in-house data processing to offer a hybrid data model, relying on edge elements to their data architecture which can be more closely protected from external risks. Wherever the data cabinets are hosted, risk management for any financial institution must consider their physical safety.

Cabinet protection challenges

Reliably protecting data cabinets from fire presents considerable challenges: the cooling systems that are used to prevent equipment from overheating are usually based on high airflow. Typically, server or storage racks will be positioned to have hot aisles and cold aisles, with cool air circulated from the cool side, through the electrical cabinets and extracted out of the hot side. This system of equipment cabinet row containment creates a unique high and turbulent airflow environment that not only poses significant challenges to the early detection of diluted smoke, but also impairs timely human intervention and the actuation of a pre-action sprinkler system, water mist or clean agent gaseous release.

Current practices permit most computer rooms to use 24°C supply in the cold aisle. This leads to the increase of operating ambient temperature in the hot aisle to the point where it can exceed approved levels for some fire detection and suppression equipment. These unique HVAC characteristics present challenges to how fire detection is interfaced with suppression release, in particular with interlocked or double-interlock sprinklers, water mist and clean agent gaseous suppression systems.

Additionally, the normal practice of conducting a general power-down (e.g., HVAC shut-down before the release of gaseous suppression) upon an initial fire alarm will lead to other side effects. In one documented case, a computer room with 250 ICT cabinets at 6 kW/cabinet went from 22°C to 32°C within 75 s when the cooling was lost.

The only protection against a potential data catastrophe is therefore Very Early Warning Fire Detection (VEWFD). This is an accepted international practice which combines highly sensitive detection equipment with a staged alarm and response system. Naturally, prescriptive building and fire codes for property protection and life safety exist in every country and must be met. But they do not go far enough and critically for sensitive financial data banks, they do not offer any guarantees to a company’s ability to remain in business. We must look to Performance-Based Design (PBD) methodologies to safeguard business continuity through risk and situational assessment. This will combine early yet reliable smoke detection to enable suppression system interaction and integrated site incident and emergency response.

Fit-for-purpose fire detection

When combining the prescriptive and PBD approaches to design a fit-for-purpose fire detection system for a datacom facility, it is important to select advanced detection products. Aspirating smoke detectors such as Securiton’s SecuriSmoke ASD allow for flexible design with quantifiable and reliable detection performance. With aspirating smoke detectors, sampling holes can be positioned at many points in the airflow through data cabinets. Combined with the high sensitivity available through the large detection chambers of such devices, this ensures even the slightest smouldering in electrical contacts will quickly be picked up. These devices can then offer multiple layers of pre-alarm and alarm, ensuring that a timely and measured response can be launched.

Such a staged response is the best way for organisations to protect their most critical business infrastructure: the earlier that an incident can be checked, the greater the chance of avoiding a false alarm. But at the same time, intervening to stop a fire at the early smouldering stage is far less destructive, while also keeping damage from the actual fire to a minimum. A detailed design guide to PBD and Very Early Warning Fire Detection for data centres is available on Securiton’s website. Although risk managers in finance have tended to leave such matters to datacom specialists, the importance of ICT infrastructure to the world’s finances means it is time for banks and insurers to fully understand fire risks and ensure their infrastructure is as well protected physically as it is digitally.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Proactive strategies against payment fraud
Financial (Industry) Security Services & Risk Management
Amid a spate of high-profile payment fraud cases in South Africa, the need for robust fraud payment prevention measures has never been more apparent, says Ryan Mer, CEO of eftsure Africa.

Understanding the power of digital identity
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
The way we perceive business flourishing is undergoing a paradigm shift, as digital identity and consumer consent redefine the dynamics of transactions, says Shanaaz Trethewey.

Beagle Watch adds fire to its portfolio
Editor's Choice Fire & Safety News & Events
Beagle Watch Armed Response and FIRE OPS SA announced the enhancement of the two companies' combined service offerings to provide professional fire safety services to Beagle Watch clients and Johannesburg residents.

Protect your financial assets from unknown online threats
Products & Solutions Information Security Financial (Industry)
Malicious actors employ a myriad of sophisticated techniques, such as hacking, phishing, spamming, card theft, online fraud, vishing, and keylogging, among others, to exploit unsuspecting individuals and gain unauthorised access to their financial resources.

Is AI the game-changer for streamlining anti-money laundering compliance?
Financial (Industry) Security Services & Risk Management
In the aftermath of South Africa's recent grey listing, companies are now confronted with the imperative to address eight identified strategic deficiencies, while simultaneously reducing their financial crime risk through anti-money laundering compliance processes.

Fidelity SecureFire steps into critical fire response space
News & Events Fire & Safety
With the majority of fire stations around the country being crippled by a lack of resources to offer effective responses, Fidelity Fire Solutions has launched its own ‘first responder’ model, Fidelity SecureFire.

FutureBank and IDVerse partner to fight cybercrime
Information Security Financial (Industry)
Generative AI is breeding different fraud types, and cybercrime is predicted to become the biggest economy in the world in the next 18 months. FutureBank and IDVerse have joined forces to keep their customers safe.

Capitec installs Speedgate turnstiles
Turnstar Systems Financial (Industry) Access Control & Identity Management Products & Solutions
Capitec’s Head office in Cape Town recently took its security measures to the next level with the installation of three Speedgate secure lanes manufactured and installed by Turnstar Systems.

Banking the unbanked comes with security risks
Financial (Industry) Security Services & Risk Management
As grim as it was, the pandemic of recent years and its resultant global economic crisis were a prime catalyst for record number of first-time bank users, the previously unbanked.

Combating South African financial crime with RegTech
Financial (Industry) Security Services & Risk Management
RegTech South Africa is an emerging and dynamic industry with new regulations being consistently added and the need for compliance being more important than ever. With the recent Greylist announcement of South Africa, by FATF, compliance with international standards and regulations cannot be ignored.