There have been several breaches of security at high profile institutions in recent times, and almost every day brings a new story of how a building has been compromised and critical data or hardware destroyed or stolen.
It is believed that breaches of security at data centres comprise over 40% of data loss, sabotage and attack.
More than ever before data centre security and physical IT assets are at risk. Whether it is from perceived outside threats or from internal team members, threats to the data and the customers’ critical data continue to grow. A 2011 Gabriel Group Survey states that over 60% of today’s malicious security breaches are at the hands of company insiders.
Data centre operators have long understood the need for physical access control on server cabinets. In corporate facilities, where data centres are potentially exposed to a significant number of employees, mission-critical servers must be protected from thumb drive data theft and from theft of a server itself. Those same considerations apply to colocation facilities, which must also reassure customers that their servers are individually secure within a generally secured facility.
Certainly, there are many ways of securing data centres, and many solutions have evolved over time to address access control at doors and server cabinets.
Physically securing private information in data centres has proven challenging however, as the necessary technology has lagged far behind network security technology. The network security industry is a steady stream of innovative response to high-tech threats. For most data centres, physical security rests with technology from the last millennium.
In practice, even those enterprises that are highly concerned about addressing risks related to physical access have been unable to elevate alerts and audits to the level possible for network security. This is primarily a matter of deficient technology, as 100% accurate alerting and auditing solutions for physical access have typically extended no further than a data centre’s front door.
The problem is because those solutions evolved separately to address individual access points, rather than addressing the overall needs of the data centre. In contrast, this new Biometric system is designed with an eye toward overall facility needs, and is unique in its ability to serve as a single, networked platform to completely secure every access point throughout a data centre – right up to the server cabinets themselves!
A new Biometric operated handle provides, for the first time, unique finger print technology stored and processed in the handle on the cabinet with an ‘Indisputable Audit Trail’ to protect valuable data and is compliant with the various data privacy rules and regulations such as: PCI, SOX, SSAE 16 and HIPPA.
The need to protect sensitive data has never been higher, from the perspective of both good business practice and regulatory compliance – and that applies to physical as well as to network access.
Physical security does not guarantee compliance, and compliance does not guarantee physical security. But the availability of a single, networked platform that can deliver biometric access control to every access point within an enterprise, with an indisputable audit trail, is a strong step toward unifying compliance and security programs – right up to the server cabinets themselves.
There are already in excess of 500 of these new Biometric systems installed, none of which have been breached.