Are you protecting your company’s physical infrastructure with the proper level of security?
I have had the personal pleasure of walking the halls of many data centers both within service provider facilities and customer owned spaced. It is an understatement as those within IT know, not all of your data is secured in the same way.
The large majority of customer owned data closets, data centers and telco rooms are under secured and having Bernie hang out would be a massive improvement from the efforts in place today. Lack of physical controls including secured access, locked cabinet, locked cages, surveillance and audit logs of who accesses the server room are just a few ways in which these environments typically are struggling.
While there are obvious differences in data classification, a fundamental shift is happening globally to ensure greater data security. With the pricing of service providers continuing to drop and the fines increasing, moving your infrastructure to a private cloud or colocation environment can make sense on a number of fronts.
So what are a few key security controls to look out for when visiting a new data center or service provider?
To start, I would recommend a data center tour if you are moving important systems or data sets to a retail colocation provider or local service provider. Many times, unlike the hyperscalers, taking a data center tour of a colocation provider is standard practice and a great tool for both sides of the relationship. The provider gets to show off their capabilities and give you the opportunity to see where you would be moving your hardware to. For customers, you get a chance to see the process of accessing the facility, getting through the man traps or other gates before making it to the data center floor and ultimately your space.
While every facility is slightly different, many times you will find some standard controls in place as mentioned above. Exterior and interior surveillance, a lack of signage, access badges with fingerprint, hand or retinal scanners are just a start. Additional features including steel reinforced walls, ballistics rated glass and full time security guards are also common. Some of the softer controls to look out for include the logging process of every individual who enters the facility. These can come in handy for audits and protecting the company from a rogue employee.
As you are exploring the additional controls needed in order to maintain compliance standards in your industry, please make sure to reach out to expedite the process. We have assisted many customers navigate these waters and can reduce the time to identify the right providers for your needs.