Datacenters are specialized facilities that house important data, websites and other services for companies. Due to the nature and confidentiality of the data stored in a datacenter, IT operation and personal must have restricted and closely monitored access. Below is a best practices checklist recommendation for physical data center security.
NDA and Site Personnel
Prior to selection of a datacenter, IT Specialists and management should ensure, emphasize and secure their need for physical security. Written consent should be granted by proper management prior to and security testing of any kind. A non-disclosure agreement should be signed by all parties involved in the physical security setup.
Site personnel including guards, cleaning staff, and datacenter personnel should all submit to background checks. Visitors should be escorted and approved by datacenter personnel to enter building. All personnel should be educated to watch for intruders or suspicious activity.
Site location is an important consideration when selecting a datacenter for securing your data. A site should be in an area where the risk of natural disasters is acceptable and man made disasters are low. Try to avoid areas prone to fires, floods, tornadoes, hurricanes, etc., and away from prisons, freeways, banks, pipelines, stadiums, and overcrowded areas. The infrastructure should be on a powergrid with reliable power and 99.9% uptime and attached to multiple power sources. Infrastructure should also have connectivity to multiple communications providers. The site should be isolated from other offices and walls independent from other businesses.
Site Perimeter Security
Site Perimeter should have a fence around the datacenter at least 20 feet from the building on all sides. A guard should be at each perimeter entrance and should be able to authenticate traffic coming into the perimeter with a scanner. The facility shouldd have surveillance via CCTV camera and security guard detail. Parking spaces should 25 fee away from the building to prevent any damage from car bombs.
Computer Room Security
Windows should be limited and away from computer rooms. All entrances should have an automatic authentication method with biometric or face detection, logging and CCTV camera security. Food, drink, and smoking should be prohibited. Doors should be fireproof. Access to computer rooms should be restricted only to datacenter personnel and any entry must be approved by datacenter security.
Computer rooms should be monitored 24/7 by CCTV camera security. Computers should have redundant connections to power, cooling, and networks, with 18″ floor access for air flow and cable management. There should also be air filtration and high ceilings for heat dispersal. Room temperature should be maintained between 55-75 degrees with humidity between 20-80%. Sensors should log these statistics for datacenter personnel analysis.
An solution for flooding and fire extinguishers should be present in each room. Emergency power switches and NON wet pipe sprinkler systems should be installed.
If a space is to be shared by multiple companies, companies must be separated by locked cages or cabinets.
Facility should have redundant cooling towers and isolated from the parking lot. Power should be redundant with multiple power sources and at least 24 hrs of backup power. There should be diesel or alternate power and guaranteed contract in place for getting fuel to the facility. Monitoring and logging should be in place for all entry and exit traffic, temperature control, CCTV camera security, etc. Datacenter personnel should always be present at the facility 24/7. Any paper containing sensitive information should be shredded or disposed of properly. Dumpsters should also be monitored by camera.
A disaster recovery plan should be in place and all important parties must be notified in the event of a disaster. Regular offsite backups should be kept for all critical information, and practice runs to test backups should be done regularly. Redundant servers in an alternate data center is ideal for ensuring recovery from a disaster.
Datacenters are critical for businesses. Do not skimp on security as one small vulnerability can cost your company. Look for maximum efficiency, redundancy, trustworthy infrastructure and personnel for best reliability and peace of mind.