How wireless access control can address the data centre security puzzle

A breach in data security can cause severe financial damage. According to IBM’s latest “Cost of a Data Breach Report”, the average is $4.24 million (€4 million), a figure which has grown by 10% since 2020. Among European countries studied, the report finds the highest average cost in Germany: $4.89 million (€4.62 million) per breach. Healthcare is the sector where breaches are costliest, also according to the report^*.

For a data centre which provides co-location or managed cloud hosting services, the damage to reputation and trust could be catastrophic. Investments in these sites are often at a huge scale: The total investment at one data centre campus in London’s Docklands is expected to total £1 billion (€1.18 billion) by 2025^**. In other words, there is a lot at risk.

Enhanced cybersecurity is one obvious countermeasure, for both in-house enterprise centres and third-party facilities. However, compromising the physical security of servers is another route to many breaches — among the top 5 sources of initial attack, according to the IBM report.

How then can businesses avoid taking unnecessary, potentially expensive risks with servers and data? Well-chosen and correctly configured access control is part of the answer.

The importance of 3-layer access control

According to the UK’s Centre for the Protection of National Infrastructure: “Data centre operators should be able to demonstrate they have used a risk-based layered approach to security” ^***.

“The ideal access control solution for a data centre usually demands three levels of security working together within an integrated system,” explains Lars Angelin, Aperio Business Development Manager at ASSA ABLOY Opening Solutions EMEIA.

On the outer level, perimeter security ensures only authorized personnel enter the building. Here, high-security door and gate locks can work alongside the likes of CCTV and monitored fencing. This is the first line of defence against every physical security breach.

Level 2 — room access — can be monitored and controlled with a range of access control door devices or electronic security locks. These enable monitored and filtered movement around the centre, balancing convenience and security.

The access control system should handle fine-grained access to separate rooms by user, security level or time of day or week. It must be simple for administrators to issue temporary access via a card credential or Mobile Key. Any lost credential must be cancelled easily, with a few clicks in the system software.

The third, final level of physical data security is the server rack or cabinet itself. Server rooms get a steady flow of authorized traffic: cleaners, maintenance staff and technicians, for example. Employee screening cannot be perfect — and accidents happen. Rack or cabinet locking is the last line of defence against a physical breach, malicious or accidental.

Responsive, real-time access control and data centre protection

“A whole range of Aperio wireless locking devices can provide this convenient, secure access control around a data centre,” says Angelin. Aperio technology integrates seamlessly with access and security management systems from over 100 different manufacturers, which provides data centre managers with total flexibility to choose the right device for every application.

“These locks are fast to install and to integrate. They are already trusted to secure banks, hospitals, universities, museums and many other types of location, all over the world,” he adds.

Battery-powered Aperio devices can secure almost any door, in any material, enabling security managers to filter and monitor access into and around their data centre. Interior door access (level 2) is made secure and convenient by deploying Aperio escutcheons, cylinders, handles and locks as required.

Designed for the innermost layer of data security — rack level — the Aperio KS100 Server Cabinet Lock and the Aperio C100 electronic cylinder can add either offline or online, real-time access control and monitoring to the server itself. The lock integrates with almost any existing or new access control system and accepts any standard RFID credential.

Turkey’s Ziraat Bank, for example, chose the KS100 to replace existing mechanical lock-and-key security with a proven solution — and better secure racks at their data centre. Integration with an Armon access control system was seamless: Authorized employees continue to use the same MIFARE credentials.

“Its quality, ease of use and seamless integration were among the reasons to choose Aperio,” says Nejat Selçuk, Datacenter Manager at Ziraat.

With online integration, lock access decisions are communicated wirelessly via hubs. Events are logged with the system, so generating detailed audit trails is straightforward: Adding Aperio wireless locks speeds up incident investigation, another critical element in data security.

“When Aperio devices are integrated online with a security system, facility managers have control over their premises in real time,” says Angelin. “They can react quickly to events, while simultaneously offering convenient access to data centre staff, authorized visitors, customers and technicians.”

Could you enhance the physical security of your data, while streamlining access to the data centre? Learn more with a free access control guide: https://www.assaabloy.com/group/emeia/campaigns/aperio-data-centres

*: www.ibm.com/downloads/cas/OJDVQGRY
**: www.theregister.com/2022/03/28/telehouse_adds_fifth_datacenter
***: www.cpni.gov.uk/system/files/documents/13/a4/data-centres-guidance-users.pdf