Prudent managers recognize the importance of protecting their data to ensure that their company can continue to function in the face of a variety of threats, such as attacks by hackers and catastrophic data loss caused by hardware failure and natural disasters.
For example, your IT department sets up firewall protection and anti-malware applications. The IT department will also determine
how frequently employees change their passwords, as well as arrange for secure off-site backups of the company’s crucial information.
However, some businesses don’t give much thought to the physical security needed to protect their data. They may not imagine that criminals could attempt to access their data center to steal valuable information, gain a competitive advantage or harvest information for identity theft. A trespasser intending to vandalize your building or steal equipment may attempt to gain access to the facility without realizing that it contains data, but may wind up damaging your servers all the same.
Whether you manage all of your data with on-site servers or use a third-party data center, there are physical security considerations that you should address if you want to keep your business operating efficiently.
Safeguarding your own facility
Build your data center at least 30 miles away from your company headquarters and away from questionable, crime-ridden neighborhoods, as well as power plants and airports. Stay away from earthquake fault lines and areas prone to flooding. Keep your facility 100 feet or more away from any main roads for added security.
When it comes to utilities, redundancy is critical. Establish two or more feeds, coming in different directions for your data, water, power and voice lines. A criminal attempting to circumvent your security by cutting lines will have a more difficult time penetrating security when you have multiple feeds.
Provide for only two ways into the building: the main entrance and the delivery dock, to minimize access points. Your facility’s emergency doors should be exit-only and have no outside handles, reducing the possibility of criminal trespass.
Set up video surveillance cameras augmented with motion sensors and assign a security team to monitor them on a continuous basis, focusing on all entrances, sensitive areas and the parking lot.
Security at an outside provider’s data center
If your company uses a third-party data center to store your critical information, verify what kinds of physical security it provides.
Ask about surveillance technology. Does the data center use closed-circuit security cameras to monitor all entrances? Find out if security teams are monitoring the building 24/7 and see how long they keep the data from these cameras.
Ensure that only authorized personnel are permitted to access the server room. They need to submit to two-factor authentication, and should use biometric authentication, like fingerprint or retina scanners, in addition to a key card or badge.
Your data center shouldn’t allow visitors to roam unescorted, even if they have an appointment and are authorized to be on the premises.
Once you have taken steps to ensure the physical security of your data, you can resume going about your regular business tasks, with the knowledge that your digital information is being well taken care of.
