BEST PRACTISES FOR DATA CENTRE SECURITY
Our previous two blogs pointed to good and bad examples of data centre security. For example, we looked at vascular readers and underground bunkers as excellent examples, while also showing that a simple sledgehammer can create havoc in some data centres in the absence of a solid security plan.
Today we’re summarizing some of the best practices that you can follow in securing your data centre.
1- Have a security plan. You should know and fully understand the risks and threats and what you are going to do to mitigate them. A good security plan will allow you to review and analyze your risks so you can build an effective security system.
2- Be careful how you advertise the physical security aspects of your data centre. Don’t make too much information public that can be used by criminals to override your security systems.
3- Employ a layered security approach to your data centre design. Don’t let your critical components of your data centre be too dependent on a first line of defense. Multiple security layers will help you to spread out the risk.
4- Threats can also be environmental. Failure due to overheating, floods or fire can have the same devastating effects as a stolen component from a break-in. So carefully consider environmental risks as part of your overall security plan.
5- Employ CPTED (Crime Prevention Through Environmental Design) tools and techniques in your security plan. Locating a data centre in a high-crime area in which employees can become a target for gaining entry to a facility could be a major risk.
6- Train and train some more. The best security systems and procedures are useless if employees and stakeholders don’t understand policies or procedures, or if they don’t know how to use the technology employed.