Data centre security is a big issue – especially for co-location centres hosting multiple racks for multiple, often competing, clients. Yet whilst security to access the data centre can often be impressive, individual rack level security is often inadequate. Given the number of in-house staff and external engineers, from cablers to storage and server providers, traipsing through a data centre on a near daily basis, poor rack level security is a potential risk.
According to a recent survey conducted by Lieberman Software, 42 percent of IT staff can get unauthorised access to their organisation’s most sensitive information – including the CEO’s private documents. The failing is blamed on management’s naivety when it comes to understanding just how much privileged access their IT departments actually have.
The fact that most racks are secured only with standard handles using a manual key, bears out this survey. Easily broken or bypassed, these locks provide minimal corporate protection; they offer no access control or audit trail of activity. Given the huge ongoing investment in data centres - during 2011-2012, the UK invested an estimated $3.35 billion in data centres; the second highest spending of any country, according to the Datacentre Dynamics Global Industry Census 2011 - extending standard access control techniques to the data centre racks is an important step.
Companies can opt for a rack specific key, combination locks or key cards that are IP enabled to allow an organisation to impose strict control over the time/day an individual is allowed to access the rack. Using standard access control software, all activity is recorded and audited, providing the organisation with a complete list of those who have accessed the racks.
For organisations, this approach adds control and addresses one important aspect of the internal threat. For co-location sites, rack level security removes the need to cage off client specific rack space areas freeing up space that can be used for more racks, delivering a return on investment, as well as improved client security.