Integrating High Security Solutions into Data Centres

Boon Edam Blog | May 2018

Data centres are highly sensitive areas when it comes to protecting sensitive data. The need to build and secure a ‘gold standard’ facility is top-of-mind for those tasked with the responsibility. Once a thorough and professional risk assessment has been done on the data and equipment, the results will give a good foundation to determine to what extent the facility will need to be physically secured.

  
  

Your risk assessment should weigh up the impact of the security breach versus the likelihood of it actually happening. It is impossible to cover all the risks perfectly but there are general rules to follow to mitigate much of the risk in these areas. The name of the game is risk management and a good balance of ‘CIA’ (confidentiality, integrity and access). A healthy balance between all three of these is where you want to be.

A Layered Approach

The purpose of a data centre is to keep unwanted people out of your facility and quickly identify those who somehow manage to move forward into the building without the necessary permissions. A layered approach is what works the best in this critical segment. What I mean by this is a flow of entry which begins lightly and gets heavier and more secure the deeper into the area you go.

Starting at the entrance to the exterior of the areas – usually a robust gate with CCTV and an intercom system. Moving onto the next level which is usually a sliding or revolving door- with or without access control functionality. Further in there is a public reception area with manned security personnel checking the credentials of visitors and monitoring staff movements.  Often at this point there can be speed gates with integrated access control which check credentials via a card, barcode reader or biometrics. This medium level security is there to detect and will sound an audio alarm, send a visual cue and often a silent alarm to the security control desk. The person will physically be able to move forward – but somebody will have been alerted and will promptly stop the security breach.

After this point, and at the deepest point of the building a high security door or portal will use technologically advanced biometrics to check the credentials of the person attempting access to this next part of the building and also completely prevent any tailgating attempt.

Integration between door access control systems and security entrances can be a fine art; the perfect balance of functionality, space and aesthetics.

There are various types of access control systems available today, everything from barcode and QR code readers, to fingerprint and iris scanners, to traditional card readers and key pads. The size and shape of each individual device varies greatly based on both type and manufacturer. Let’s discuss some ways you can integrate an access control system with your security entrances.

Four Integration Techniques

All physical security entrances have a designated place for your access control device – optical turnstiles: under the cabinet top; full height turnstiles, security revolving doors and portals: mounted on the side post. Yet, based primarily on space and what you are trying to achieve, these designated mounting places may not fit your needs. Here are some alternative options:

  1. Top-mounted: For speed gates, mounting an access control device on top of the cabinet is an integration method that is most intuitive for the user because the reader is visible when approaching the lane. Integrators tend to place the access control devices here.
     
  2. Panel Cut-outs: Another option for speed lanes are panel cut-outs which are typically used when there are space limitations on or under the top of the barrier. This type of mounting can be used as the sole means of accessing the secure area, or in addition to the traditional, under-the-top mounting option (two-factor authentication). Some companies have even used the panel cut-out to mount a device that is used solely for visitor entry. While this option of mounting is more streamlined, (no big device on top of your barrier), it does require user training because the reader is not always easily visible to the user. Select a manufacturer who provides this internal training for you or provides you with the training materials you will need to do so yourself.
     
  3. Custom Pedestal:  Some manufacturers also provide a vertical access control pedestal mount, which can be so well designed that it looks like a continuation of the speedlane itself – yet offers endless integration possibilities.
     
  4. Interior-mounted: Security portals are a unique, high security entrance designed to protect the most sensitive of areas. This sophisticated portal can be equipped with a biometric post for an interior-mounted access control device. It is often used in conjunction with an external, side post-mounted device, the interior biometric device allows organisations to achieve two-factor authentication.
     

Two-Factor and Multifactor Authentication

Large data centres are implementing two-factor and multifactor authentication techniques at their facilities to decrease the possibility of an intruder infiltrating the building. According to LoginTC, two-factor authentication means, “an attacker needs to solve two fundamentally different problems, each in different dimensions, in order to compromise your identity.”

Use of two-factor or multifactor authentication typically involves the integration of two different access control devices for access through a single security entrance. This level of integration requires proper preparation and planning. There are, however, some all-in-one devices that can accept two or three authentications, e.g., a single Morpho Sigma device can accept any combination of a card reader, unique pin and / or fingerprint.

The fusion of your access control device and your security entrances shouldn’t be an afterthought, but an integral part of your building design from the very beginning. Speak to your security entrance manufacturer about the integration solution that will work the best for your top security business.

Intelligent Security

Sophisticated tailgating and piggybacking detection systems in security revolving doors and portal entry solutions provide a wealth of valuable data. These include a lot  of granular information that replaces what a guard could be asked to provide manually – e.g., number of passages, inbound / outbound tailgating and piggybacking rejections, biometric access control rejections, emergency button rejections and so on. Such information is very useful in providing very accurate intelligence on throughput, user education needs, etc.

The most provocative data is predictive data that can predict your chances of being infiltrated. Security revolving doors and portals include anti-piggybacking detection technology sophisticated enough to provide a probability, expressed as a small percentage, that two people could piggyback through the door successfully. This capability is new territory for the security industry and allows executives a high degree of confidence that the places these doors protect are secure from infiltration.

A Strong Corporate Image Matters Too

If we are completely honest - perceptions matter. Even in an organisation which should be striving to be low-key. While this holds true for the exterior of the data centre, once safely inside organisational leaders are responsible for ensuring that their businesses are perceived as safe. And while actual safety and perceived safety are inter-related, they are not always identical. This is seen in other areas of life as well: for example, one YouGov poll showed that people believed that New York City is the second most dangerous city in the US, even though data shows that NYC is in fact the least dangerous large city in the United States.

While harder to measure, aesthetic perceptions matter for businesses as well. To that end, the perception-building process begins the moment a person walks through the door (and often before that). With that in mind, security entrances should foster confidence for all parties who rely on them: the system must not only protect employees but also help them feel safe on a day to day basis. Beyond actual safety, security entrances also create a feeling of prestige for the facility that impacts personnel and visitors alike. A new visitor’s first interaction with your brand may be with the security system. That first interaction and every one after should foster a feeling of competence, sophistication, efficiency and safety.

 

Written by Pierre Bourgeix
Pierre has over 20 years of solutions selling and consulting experience in the security industry, most recently as the owner of his own consulting company, ESICONVERGENT LLC. Pierre has an MBA in Business Administration from UCLA Anderson School of Management and resides in Cleveland, Ohio.

 

© Royal Boon Edam International B.V.