HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Randy Ferentchak
User Rank
Blogger
Re: Some are doing it...
Randy Ferentchak   5/21/2013 3:54:46 PM
NO RATINGS
Thank you for sharing the story. Security fences are still being used today but companies are transitioning from the expensive security fences to the integration of electronic access control, monitoring and management systems at the data center cabinet level. In high security areas involving fences, it is often necessary for employees to accompany outside contractors to the secured server to ensure the contractor gains access only to specified enclosures. Mechatronic access control, monitoring and management systems like E-LINE by DIRAK eliminates the need for an escort allowing employees to be more productive with their time and reduce costs.

For most data centers, old physical security technology is being used (video cameras, security fences, security guards, etc). Most data center rooms are secured with palm readers, proximity card readers and keyed locks. However, the server racks and enclosures housing data and critical assets are left unsecured within the rooms. Hackers which include trusted employees, contractors and so on can still get access to the cabinet level even with perimeter security, building security and room security in place. A company may never know when a security breach happened if an access control, monitoring and management system is not in place at the rack or enclosure level.

 E-LINE by DIRAK is a mechatronic security system designed to give a high level of security at the rack or enclosure for indoor and outdoor applications. It controls access to individual racks and enclosures, monitors when individuals have access and provides a complete audit trail. It is based on RFID transponder technology allowing all access to be identified and authorized. The E-LINE by DIRAK swing handles can be accessed with an authorized RFID card and a DIRAK supplied battery pack plugged in during a power failure or server down (Reader module stores up to 500 events). This insures complete chain-of-custody.

Additional levels of security are integrated into E-LINE by DIRAK including "Four Eyes" Principle where the electronic swing handle device can only be opened when two users provide appropriate authorization at the same time to access the rack. Higher levels of security using Two-factor authentication which can include the use of biometric finger print scanners to access the rack or enclosure is available. Accessories including video cameras can also be tied into the system.

Today, companies have been more focused on cyber security from outside threats and less focused on the increased insider physical security threats. We are seeing an exponential growth of electronic data and critical assets stored on servers in data centers especially with the expansion of cloud services. This growth will continue to increase at a rapid rate over the next 5 to 10 years. Hackers and thieves continually innovate so there is a greater need to invest in physical security at the rack or enclosure level to protect critical data and assets to insure companies have a resilient system in place and are in compliance with many of the regulatory compliance standards including HIPAA, PCI DSS, FISMA and Sarbanes-Oxley.

Jack Rupert, PE
User Rank
Platinum
Backup
Jack Rupert, PE   5/21/2013 3:35:46 PM
NO RATINGS
The one thing that's missing from the list is having a reliable backup system.  All of this falls apart if it cannot be maintained during any sort of system failure (power, equipment, software and other).  It is often the anomalies that can give access where it would not otherwise be available.


From the items on the list, I still think that the audit ability is one of the most important.  A person with a less than honorable intension may not worry as much if it is found that "something" was done, especially if his plan is a hit-and-run.  However, if it can be traced back to give him some uncomfortable questions, that might very well keep anything from happening in the first place.

naperlou
User Rank
Blogger
Some are doing it...
naperlou   5/14/2013 9:45:18 AM
NO RATINGS
Randy, I was working on a highly secure data center project a few years ago and this was something that was being done, at least at data centers I was aware of.  In fact, the vendor of a surveilence system that we talked to used a funny story to show the value of their system.  This system used video surveilance and sophiscated algorithms to detect and isolate motion and events. 

The story goes that a particular customer was having a power outage monthly.  The racks were enclosed in wire cages to separate users.  They just couldn't figure it out.  Then they installed the surveilance system.  Immediately they found that the tech from a competitor was throwing coins or scraps of metal into the cage affected until he caused a short.  Why they did not find the coins, or whatever, before I do not know.  Well, of course, this solved the problem. 

Now this was eight or nine years ago.  I will be interested to see what is being used today.



Partner Zone
Latest Analysis
Advertised as the "Most Powerful Tablet Under $100," the Kindle Fire HD 6 was too tempting for the team at iFixit to pass up. Join us to find out if inexpensive means cheap, irreparable, or just down right economical. It's teardown time!
The first photos made with a 3D-printed telescope are here and they're not as fuzzy as you might expect. A team from the University of Sheffield beat NASA to the goal. The photos of the Moon were made with a reflecting telescope that cost the research team 100 to make (about $161 US).
At Medical Design & Manufacturing Midwest, Joe Wascow told Design News how Optimal Design prototyped a machine that captures the wing-beat of a duck.
The increased adoption of wireless technology for mission-critical applications has revved up the global market for dynamic electronic general purpose (GP) test equipment. As the link between cloud networks and devices -- smartphones, tablets, and notebooks -- results in more complex devices under test, the demand for radio frequency test equipment is starting to intensify.
Much of the research on lithium-ion batteries is focused on how to make the batteries charge more quickly and last longer than they currently do, work that would significantly improve the experience of mobile device users, as well EV and hybrid car drivers. Researchers in Singapore have come up with what seems like the best solution so far -- a battery that can recharge itself in mere minutes and has a potential lifespan of 20 years.
More:Blogs|News
Design News Webinar Series
10/7/2014 8:00 a.m. California / 11:00 a.m. New York
9/25/2014 11:00 a.m. California / 2:00 p.m. New York
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Oct 20 - 24, How to Design & Build an Embedded Web Server: An Embedded TCP/IP Tutorial
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: 10/28-10/30 11:00 AM
Sponsored by Stratasys
Next Class: 10/28-10/30 2:00 PM
Sponsored by Gates Corporation
Next Class: 11/11-11/13 2:00 PM
Sponsored by Littelfuse
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service