Cyber security is probably the first thing that springs to mind when the phrase ‘data centre security’ is uttered. However, those highlighting the benefits of cloud storage are quick to point out the necessity of an efficient and highly secure physical security solution as well. Due to the sheer size and growing number of data centres, resilient perimeter protection is a key aspect of a highly secure data centre, as George Dionisopoulos, Head of Security at NEXTDC (a premium data centre provider) explains to Bakers Fencing’s Marketing & Sales Director, Adam Savage, here.
What are the specific threats to data centres?
George Dionisopoulos spoke about the ever-persistent terrorist threat we face globally, even in places like Australia. Despite the low terrorist threat over there, data centres and their providers maintain a focus and always stay aware of the high-risk towards the data they house.
NEXTDC’s Head of Security explained that one of the key areas of risk is the possibility of the unknown. New threats are always arising and each time they emerge, security companies are engaged to adapt bolster the defences. George highlights the importance of maintaining a pro-active and ready-for-anything stance in the security industry.
Surprisingly, George sees the most threatening risk is ‘human error’. Mistakes made by humans going about their work are more often than not, unforeseen and can circumvent all security tools and processes that have been put in place. Constant vigilance, exhaustive processes and extensive training are paramount here, in order to provide security personnel with the tools they need to protect their data centres. They must also be accompanied by a broad range of metrics, analysis and a culture of continual improvement.
With regards to physical security, George Dionisopoulos described locking down your perimeter as the first big step towards ensuring high security. By limiting access with high-security fencing, you are mitigating a huge amount of risk simply by creating a significant deterrent.
Security fencing: Intimidation vs aesthetics
The Australian and European markets are different in a number of ways, and this often necessitates a different approach. George explained the difficulty in creating a high-security site in the heart of a metropolitan area.
In such a scenario, NEXTDC highlights the balancing act of creating a high-security perimeter that doesn’t impose on the aesthetic of the environment surrounding the data centre. Careful planning and integration of systems like palisade fencing, HVM (Hostile Vehicle Mitigation) and beautifying features (such as planter boxes, trees, flowerbeds) enable methods of protecting while maintaining compliance with government regulations.
Barkers’ Sales Director, Adam drew parallels between Australia and Europe and noted the different approaches each country takes to protecting data centres. In Europe, for instance, data centres demand a resilient and imposing perimeter in order to deter potential threats, with little regard for the wider environment’s aesthetic.
The cost of a data centre breach?
When asked about the potential consequences of data centre breaches, George Dionisopoulos explained how catastrophic they can be.
Aside from the physical damage to the data centre or the perimeter, a breach can severely damage reputation, competitive advantage and even put you at risk of regulatory compliance breaches.
Barkers went on to ask George about the recent news regarding NEXTDC becoming certified by the Australian Federal Government as a Certified Strategic technology hosting partner. When asked what it meant to a data centre provider like NEXTDC, he said:
“It was very pleasing, to be honest. It provides a recognition of compliance in alignment with higher certification requirements… And it shows local organisations that we, at NEXTDC, have been independently assessed and approved to be able to deliver on the highest standards in data centre security and sovereignty”.
A security system is only as strong as its weakest link
Commenting on the ‘Swiss Cheese’ concept, George explained that there are hidden weaknesses and holes in every layer of security. These weaknesses are often not enough to cause issue on their own, as the layers work together to create an interwoven security system. Occasionally, however, those holes can align and create a vulnerability through which a security incident can occur.
So why put your data centre in that situation? A key thing to keep in mind, as NEXTDC point out, is that there is always the possibility that your data centre perimeter can and will be breached by a truly determined adversary.
Coupled with the ability to respond in a timely and appropriate manner, George said that the goals of physical security in data centres are summarised in four concepts:
What should data centres look for in a physical security partner?
George Dionisopoulos explained the importance of finding a reputable strategic partner, able to give expert impartial advice and help discern the most appropriate solutions for the needs of each specific site.
NEXTDC understands the importance of finding a physical security supplier that aligns with its own vision of security – a total commitment to innovation and excellence.
Finally, George Dionisopoulos discussed the holistic approach his data centres look for when working with physical security providers. It goes beyond just providing the fencing, and becoming a trusted advisor who can assist in making sure every part of the perimeter security is fully integrated.