How wireless access control can address the data centre security puzzle

Every data centre manager walks the fine line between streamlining access while also giving private, valuable data the security it needs. The answer, however, could be simpler than they think. Choosing the right electronic access-control solution, integrating it and maintaining flexibility for every data centre user, visitor, customer and temporary.

A breach in data security can cause severe financial damage. According to IBM’s latest Cost of a Data Breach Report, the average is $4.24 million (more than R72 million), a figure which has grown by 10% since 2020. Among European countries studied, the report finds the highest average cost in Germany: $4.89 million (€more than R83 million) per breach.

“The ideal access control solution for a data centre usually demands three levels of security working together within an integrated system.”

Healthcare is the sector where breaches are costliest. For a data centre that provides co-location or managed cloud hosting services, the damage to reputation and trust could be catastrophic. Investments in these sites are often huge. The total investment at one data centre campus in London’s Docklands is expected to total £1 billion (€1.18 billion) by 2025. In other words, there is a lot at risk.

Manage, monitor and control physical access to your data centre.

Enhanced cybersecurity is one obvious countermeasure, for both in-house enterprise centres and third-party facilities. However, compromising the physical security of servers
is another route to many breaches — among the top five sources of initial attack, according to the IBM report.

How then can businesses avoid taking unnecessary, potentially expensive risks with servers and data? Well-chosen and correctly configured access control is part of the answer.

The importance of three-layer access control

By law, data centre operators should be able to demonstrate they have used a risk-based layered approach to security. “The ideal access control solution for a data centre usually demands three levels of security working together within an integrated system,” explains Hayley Elwen, commercial director: digital access solutions at Assa Abloy.

On the outer level, perimeter security ensures only authorised personnel enter the building. Here,high-securitydoorandgatelockscanwork alongside the likes of video surveillance and monitored fencing. This is the first line of defence against every physical security breach.

Level two, or room access, can be monitored and controlled with a range of access-control door devices or electronic security locks. These enable monitored and filtered movement around the centre, balancing convenience and security.

The access control system should handle fine- grained access to separate rooms by user, security level or time of day or week. It must be simple for administrators to issue temporary access via a card credential or mobile key. Any lost credential must be easy to cancel with a few clicks in the system software.

The third, final level of physical data security is the server rack or cabinet itself. Server rooms get a steady flow of authorised traffic: cleaners, maintenance staff and technicians, for example. Employee screening cannot be perfect; accidents happen. Rack or cabinet locking is the last line of defence against a physical breach.

Responsive, real-time access control and data centre protection

“A whole range of devices can provide this convenient, secure access control around a data centre,” says Elwen. Aperio technology integrates seamlessly with access and security management systems from over 100 different access control manufacturers, which provides data centre managers with total flexibility to choose the right device for every application.

“These locks are fast to install and to integrate. They are already trusted to secure banks, hospitals, universities, museums and many other types of location all over the world,” she adds.

Battery-powered Aperio devices can secure almost any door, in any material, enabling security managers to filter and monitor access into and around their data centre. Interior door access (level two) is made secure and convenient by deploying Asperio escutcheons, cylinders, handles and locks as required.

Designed for the innermost layer of data security – rack level – the Asperio KS100 Server Cabinet LOock and the Aperio C100 electronic cylinder can add either offline or online, real-time access control and monitoring to the server itself. The lock integrates with almost any existing or new access control system and accepts almost any standard RFID credential.

“When Aperio devices are integrated online with a security system, facilty managers have control over their premises in real time,” says Elwen. “They can react quickly to events, while simultaneously offering convenient access to data centre staff, authorized visitors, customers and technicians.”

Digital issue View Archive

Visit the official COVID-19 government website to stay informed: sacoronavirus.co.za