Data centre security

March 2016 Access Control & Identity Management, Cyber Security

The protection of networks and data centres is a growing concern given the recent spate of high profile security breaches and it is forcing organisations into taking serious steps to improve protection. For many businesses, this means implementing a combination of passive and active security measures designed to deter, detect and react against threats.

Fernando Pires, VP sales and marketing, Morse Watchmans.
Fernando Pires, VP sales and marketing, Morse Watchmans.

Included in these measures are multiple layers and types of safeguards, including physical measures, such as video surveillance or mantraps, and established policies and procedures that limit physical access, such as the use of key management and access control systems.

In particular, key systems are designed to securely hold keys and automatically track key usage. To access a stored key, the authorised user simply enters his or her personal identification code on the keypad and when the system verifies the user, the door will open and the location of the requested key will light up. Key control systems can also be configured with card readers or biometric readers and can be networked for centralised control. At any time, security operations can view the status of any key in the system; determine who currently has which keys out and for what area and when they are scheduled to be returned; or determine who has had keys out, for what areas and when. Keys can be returned to any cabinet in the system, but if a key is not returned when scheduled, e-mail alerts and text messages can be sent to selected individuals to enable quick action.

These types of automated key management systems are ideal for use in a data centre facility because, in addition to the security they provide, they offer a variety of control and usage options. Following are a few ­scenarios that illustrate how implementation of these options can help ensure a more secure facility.

Specialised enrolment

This application entails enrolment of individuals based on their function. For example, an operations centre engineer can be authorised for 24/7 key access, whereas a technician may be restricted to accessing a particular key at certain times and for specific amounts of time. Similar access restrictions/permissions are easily programmed for personnel such as cleaning staff or security guards, who have reason to be on the premises but are not company employees. System administrators can quickly and easily terminate or revise individuals’ access in the event they leave their job or their shift is changed. Additionally, keys are securely attached to a fob, which prevents switching or duplicating keys.

Access control

To address security concerns in high-risk environments such as data centres, a Remote Box provides an additional layer of protection. The key control cabinet is installed in a secure room where it is protected from any potential vandalism or tampering, and the Remote Box is typically installed outside the secure room. Once an authorised employee inputs his PIN and other information into the Remote Box and it is validated, a second employee inside the secure room inputs her information as well, providing access to the key for which the first employee is authorised.

The versatility of the key control systems also lends itself to more complex applications in larger data centre environments, as when multiple pieces of identification are needed to move about the data centre. In this example, a general access badge would allow the employee entrance to the building and a second badge would be used to access internal areas of the data centre facility. To maintain tight security, the internal access badge would be secured in a key cabinet when not in use by the authorised employee.

Custom tailored configurations

Sophisticated key management allows for a wide range of configuration and installation options, including other items found in a data centre to which access also needs to be controlled. These might include radios, cellphones, handheld computers, specialised test equipment, etc. which are used by different personnel through the course of any given day and are expensive and represent potential security breaches if stolen or misplaced.

Additional modules for the system such as lockers can hold and control access to these devices, complete with an audit trail to record when they are removed and by whom. And, as access control systems continue to proliferate, the access devices themselves, such as magnetic cards or proximity devices, need to be secured in the same way as physical keys do. More advanced systems also accommodate these devices with specifically designed modules that can be used in any combination with standard key or locker modules.

Given that so much of an organisation’s assets and information are online and accessible, organisations must take a proactive approach to defending against these attacks. Today’s key control systems deliver ample testament to the benefits of reducing security threats with a well-implemented key management system.

For more information contact Morse Watchmans, +1 203 264 4949, morse[email protected], www.morsewatchmans.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Preventing cyberattacks on critical infrastructure
Industrial (Industry) Cyber Security
Cyberattacks have the potential to disrupt our lives completely, and in instances where critical national infrastructure is attacked, they could disrupt the country’s entire economy, leading to loss of life and livelihoods.

Read more...
Unrecoverable encrypted data
News Cyber Security
Cybersecurity research indicates that 76% of organisations admit to paying ransomware criminals, however, one-third are still unable to recover data.

Read more...
Is the smoke beginning to clear for password security?
Access Control & Identity Management Security Services & Risk Management
The password problem is the result of bad habits, and they can be hard to break. But ask anyone that has done it and they will not tire of telling you the benefits.

Read more...
Solving coworking front-desk drama
Access Control & Identity Management Products
Flexible, shared and coworking offices have taken off with great success, but because occupational churn is high, the front-desk can be a difficult place to manage.

Read more...
Arcserve launches N Series appliances
IT infrastructure Cyber Security
Arcserve introduces N Series appliances offering enterprise-level integrated data protection, recovery and cybersecurity to allow customers to simplify their IT environments and secure data.

Read more...
Powder coating provides durable finish
Turnstar Systems Access Control & Identity Management Industrial (Industry)
Turnstar’s powder coating line provides corrosion resistance, high-quality surface finishing and a long-term environment-friendly impact for all access control components the company manufactures.

Read more...
Storage is essential for a comprehensive cybersecurity strategy
Integrated Solutions Cyber Security
Cyber resilience is the ability of an enterprise to limit the impact of security incidents by deploying and arranging appropriate security tools and processes.

Read more...
Turnkey data loss prevention solution
IT infrastructure Cyber Security Products
Acronis’s expertise in data protection and the managed service provider market yields an innovative, fast-track approach for the prevention of catastrophic data leaks.

Read more...
The cybersecurity consolidation conundrum
Editor's Choice Cyber Security Healthcare (Industry)
Check Point discusses why less is sometimes more when it comes to securing your organisation from the innumerable cyberattacks happening every day.

Read more...
Salient Systems manages campus security
Education (Industry) CCTV, Surveillance & Remote Monitoring Access Control & Identity Management
The University of Massachusetts Amherst relies on Salient Systems for video, access control operations for flagship campus as it standardises on IP surveillance.

Read more...