Most datacenters today are protected with sophisticated security systems for the building and rooms in which the datacenter enclosures are housed. This includes RFID card access and video. However, protection at the individual enclosure is most likely still mechanical key access at best. Once a person is inside a datacenter, access to individual enclosures isn’t protected with security systems that can not only physically secure the enclosures, but also control which enclosures are accessed (and when), monitor when individuals have access and when access occurs, and provide a complete audit trail of access.
Government regulations, coupled with growing consumer sensitivity about data and identity theft, require that data storage organizations demonstrate proper protection and due diligence in protecting sensitive information stored inside data center enclosures. To comply with current regulations such as HIPPA, PCI DSS, FISMA, and Sarbanes-Oxley, and also retain customer trust, protection at the rack level is essential to a fully integrated loss prevention strategy.
To fully protect the individual datacenter enclosures, it’s necessary to implement the same security measures at each enclosure that many organizations have at the building and room in which the enclosures are located. This includes the ability to accomplish the following for each enclosure that contains sensitive information:
- Secure the enclosure.
- Control access in real time. This is the ability to change who and when individuals have access to an individual enclosure in real time.
- Monitor access in real time. This includes the ability to see in real time who is accessing an enclosure and who has attempted to access an enclosure that doesn’t have authorization.
- Audit. When a breach has occurred, security personnel must be able to see who accessed the enclosure in the time interval of the breach.
- Remote monitoring and control. This is the ability to control and monitor enclosures at a central location for datacenters and enclosures located at remote and various locations.
With the ability to accomplish these five functions, datacenter security is elevated to a level that is needed for a high level of security.
More information on this topic will be discussed in an upcoming webinar on May 15. Specifically, the webinar will look at why traditional datacenter building and room security is not enough to protect the sensitive data stored in enclosures.
Randy Ferentchak is key account manager for DIRAK.