Are there skeletons in your (server) closet?
Let’s talk about something scary. No, not ghosts, ghouls, or goblins. Let’s talk about your organization’s strategic approach to physical security at the data access level. While October is a great time to talk about all things Halloween, it’s also Cybersecurity Awareness Month, an opportune moment to get real about the ever-changing threats to our data, both virtual and physical. While it’s great to stay vigilant on spear-phishing, password changes, firewalls, and network intrusion, the physical side of security often remains the last consideration in an organization’s overall data security posture.
Unauthorized access from within data centers, whether malicious or unintentional, accounts for between 9 percent and 18 percent of total data breaches, costing more than $400 billion annually. Whether you operate a massive data center network or a few small closets in the back of your office, the physical threat is real, and just as damaging as the cyber threat itself. Yet there are a number of practices you can implement to mitigate these insider threats, and they won’t all require a massive spend. Let’s take a look at a few things you can do to harden your physical security stance.
Harden what you have
Do you have locks at every access perimeter, from the outside of the data center to the server itself? Existing perimeters may range from a 5-layer mantrap to a single locked closet, so it’s important to audit all the perimeters you already have to ensure they’re locked by protocol. This is free to do and your first step. Know the access points. Work with what you have. Limit and confirm who can go where.
Define people parameters
By managing who can gain access and the method of entry, it’s possible to provide a single access point to multiple enclosures and to monitor all activity with audit trail reports. A centralized software platform can provide real-time monitoring, report generation, and user and equipment logs, including time-of-day and user access rules. These types of identification and tracking technologies can address security concerns while also offering visibility into activity surrounding the enclosures. There are a lot of ways to introduce this management layer into your strategy, so take some time to look at options, ask questions, and work with your team to make the best decision that can evolve with you over time. If you’re starting from scratch, grow into it.
Handle the truth
Server cabinet handles are the final entry point to the files, information, and critical data stored on the other side of an enclosure. Intelligent electronic locks at the rack level provide an additional layer of security, especially when combined with multi-factor authentication that includes RFID, biometrics, and PIN pad access. Products deployed with independent or integrated access control monitoring create a near-impenetrable solution. These can be standalone systems or integrated with the building access control, eliminating all need for a key lock on the outside of the enclosure. Mobile authentication adds another layer of secure access management via a tablet or mobile phone. In summary? Handles are more important than you think.
Upgrade your cabinets
The physical server cabinets, racks, and enclosures themselves are the key to physical security for your data. While this may be your biggest spend on the CAPEX side of the budget, there are a number of reasons why this upgrade alone could be the defining factor in your organization’s physical data strategy. Secured hinges reduce visibility and access to the hardware and move the most exposed physical vulnerability out of reach. This way, hinges cannot be accessed – or compromised – when the door is closed. Tamper-resistant panels are internally secured and are recessed to prevent unauthorized devices from entering the enclosure. Think cable and channel concealment. Think laser-etched precision openings. Think vault.
Though it may be daunting to consider completely overhauling the physical security of your server and data facilities, the question to ask is whether you can afford not to. Server enclosure technology is as sophisticated as the technology it contains, and when it comes to the physical security of your data, it’s your last line of defense. Or maybe it’s your first line of defense.
Are you ready?
About the author: Carrie Lowther has served as president and co-founder of Great Lakes Case & Cabinet (GLCC) since 1985. From 1976-1985, Carrie held several positions with General Telephone Company of Pennsylvania, where she met co-worker and future husband, Rob Lowther. Through nearly 10 years of work in the telecommunications industry, Carrie realized there was a need for high-quality product and responsive customer service. GLCC began in the Lowther household to provide just that. Carrie remains entrenched with GLCC and provides strategic as well as day-to-day guidance to maintain global operations.