top of page

Friends of The Encephalitis Society

Public·9 members

Physical Security Requirements For Data Centres __FULL__


Availability zones are physically separate locations within an Azure region. Each availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking. Availability zones allow you to run mission-critical applications with high availability and low-latency replication.




Physical Security Requirements for Data Centres



Microsoft designs, builds, and operates datacenters in a way that strictly controls physical access to the areas where your data is stored. Microsoft understands the importance of protecting your data, and is committed to helping secure the datacenters that contain your data. We have an entire division at Microsoft devoted to designing, building, and operating the physical facilities supporting Azure. This team is invested in maintaining state-of-the-art physical security.


Facility's perimeter. When you arrive at a datacenter, you're required to go through a well-defined access point. Typically, tall fences made of steel and concrete encompass every inch of the perimeter. There are cameras around the datacenters, with a security team monitoring their videos at all times. Security guard patrols ensure entry and exit are restricted to designated areas. Bollards and other measures protect the datacenter exterior from potential threats, including unauthorized access.


Building entrance. The datacenter entrance is staffed with professional security officers who have undergone rigorous training and background checks. These security officers also routinely patrol the datacenter, and monitor the videos of cameras inside the datacenter at all times.


Datacenter floor. You are only allowed onto the floor that you're approved to enter. You are required to pass a full body metal detection screening. To reduce the risk of unauthorized data entering or leaving the datacenter without our knowledge, only approved devices can make their way into the datacenter floor. Additionally, video cameras monitor the front and back of every server rack. When you exit the datacenter floor, you again must pass through full body metal detection screening. To leave the datacenter, you're required to pass through an additional security scan.


Periodically, we conduct physical security reviews of the facilities, to ensure the datacenters properly address Azure security requirements. The datacenter hosting provider personnel do not provide Azure service management. Personnel can't sign in to Azure systems and don't have physical access to the Azure collocation room and cages.


Physical security is the protection of people, property, and assets, such as hardware, software, network, and data, from natural disasters, burglary, theft, terrorism, and other events that could cause damage or loss to an enterprise or institution. Software security involves techniques to prevent unauthorized access to the data stored on the servers. Because new malicious software (malware) is being developed year after year to break the various firewalls protecting the data, security techniques need to be upgraded periodically.


Physical security of a data center comprises various kinds of built-in safety and security features to protect the premises and thereby the equipment that stores critical data for multi-tenant applications. For the safety and security of the premises, factors ranging from location selection to authenticated access of the personnel into the data center should be considered, monitored, and audited vigorously. To prevent any physical attacks, the following need to be considered:


Data center tiers are an indication of the type of data center infrastructure to be considered for a given application. It is a standardized methodology used to define uptime of a data center. A data center tier, or level, in other words, is used for differentiating key data center requirements, the focus being redundant components, cooling, load distribution paths, and other specifications. It is a measure of data center performance, investment, and return on investment.


Tier 1 is a type of data center that has a single path for utility sources, such as power and cooling requirements. It also has one source of servers, network links, and other components. Tier 2 is a type of data center that has a single path for utility sources, such as power and cooling, as well as redundant capacity components, such as servers and network links, to support IT load. It is more robust than Tier 1 in terms of the hardware, and gives users a customizable balance between cost management and performance.


Security of a data center begins with its location. The following factors need to be considered: geological activity like earthquakes, high-risk industries in the area, risk of flooding, and risk of force majeure. Some of these risks could be mitigated by barriers or redundancies in the physical design. However, if something has a harmful effect on the data center, it is advisable to avoid it totally.


The most optimal and strategic way to secure a data center is to manage it in terms of layers (figure 3). Layers provide a structured pattern of physical protection, thus making it easy to analyze a failure. The outer layers are purely physical, whereas the inner layers also help to deter any deliberate or accidental data breaches.


The security measures can be categorized into four layers: perimeter security, facility controls, computer room controls, and cabinet controls. Layering prevents unauthorized entry from outside into the data center. The inner layers also help mitigate insider threats.


First layer of protection: perimeter security. The first layer of data center security is to discourage, detect, and delay any unauthorized entry of personnel at the perimeter. This can be achieved through a high-resolution video surveillance system, motion-activated security lighting, fiber-optic cable, etc. Video content analytics (VCA) can detect individuals and objects and check for any illegal activity. Track movements of people and avoid false alarms.


Third layer of protection: computer room controls. The third layer of physical security further restricts access through diverse verification methods including: monitoring all restricted areas, deploying entry restrictions such as turnstile, providing VCA, providing biometric access control devices to verify finger and thumb prints, irises, or vascular pattern, and using radio frequency identification. Use of multiple systems helps restrict access by requiring multiple verifications.


Most organizations focus on software security and firewalls. However, a breach in physical security could cause the theft of data and devices that will make software security useless. It is important to conduct a risk assessment study in compliance with ISO 27001 and implement appropriate security controls to ensure a secure data center.


As one might have guessed, most companies have their data centers under high-security measures, and for good reason. Any unauthorized person entering the data center can lead to the entire organization being compromised.


While in modern times the trend is to attack a server or network remotely to steal and access data, physical attacks can be equally dangerous. Since organizations that deal with delicate and highly confidential data are bound to place bleeding edge online protection measures, miscreants often attempt to physically access the vulnerable points of the data center in order to steal the data.


There is also the aspect of temperature and humidity levels and fire prevention measures. A data center hosts highly fragile machinery that requires a certain temperature to function at all times. Thus, various steps need to be taken to ensure that a data center is maintained under proper physical conditions.


If you had been planning to have your own data center up and running soon, then planning its physical security is of absolute importance. In this article, we will take a look at the primary parts of a data center that require constant security, and also go over the best physical security measures for a data center.


The size of a data center is dependent on the size of the organization and its data usage patterns. But every data center has certain weak areas that are prone to physical attacks more than others. So, here is a list of areas where you should maintain high security at all times.


You are most likely to use a RAID system to store your data. It is important that you not only store the data safely, but also ensure its availability, sanctity, and integrity at all times. This means the data storage facility will need heavy protection from physical attacks. Here are the steps you should take:


While these are the specific measures to take when guarding different areas of your data center against a physical attack, there are some basic protocols that you must have in place at all costs. Here is a list of must-have security measures:


A data center in your organization contains and processes the data as well as hosts networks and servers. So, when planning the creation of a data center its physical security protocols take primary importance.


There are certain areas of the data center such as the wiring compartment, the computer/server room, and the actual data storage location that are considered to be high-threat areas. Individual safety measures (as mentioned above) need to be taken for these areas. Apart from these areas, the entire data center should feature state of the art security measures such as entrance and exit check-in systems, CCTV surveillance, remote backup plans, etc.


In this age of data ensuring that your organizational data is kept physically secure should take top priority alongside digital security. The more secure your data is the more your trust factor will increase with the clientele. Hopefully, this article was able to present an overall picture of the physical safety measures required within a data center.


AWS data centers are secure by design and our controls make that possible. Before we build a data center, we spend countless hours considering potential threats and designing, implementing, and testing controls to ensure the systems, technology, and people we deploy counteract risk. To help you fulfill your own audit and regulatory requirements, we are providing you with insight into some of our physical and environmental controls below. 041b061a72


About

A giving circle dedicated to supporting the awareness and tr...
bottom of page