- Intern - Facilities & Fleet Maintenance »
- Facilities Services Supervisor »
- Director, Green Buildings/Systems and Faculty »
- HVAC Mechanic/General Maintenance Technician »
- Facilities Support Specialist »
Networks Face External Threats
November 30, 2011 - Contact FacilitiesNet Editorial Staff »
A data center's external campus is at risk for any number of security breaches, from inclement weather to burglary to maintenance mishaps. Protecting this vulnerable area is the first step in securing the mission critical environment.
Minimum requirements for safeguarding a data center's external infrastructure assets include creating redundant pathways and physically protecting the cabling within them. Most data centers with some level of reliability have dual path redundant cabling coming in from two different sources on separate parts of the mission critical site. Designed to create network redundancy, this technique also promotes information security and reliability at the exterior of the building.
Protecting the cabling within its pathways by building a concrete structure around the underground conduit from the perimeter of the facility to the end of the data center grounds will further protect the data pathways from external vulnerabilities, including third party maintenance and future site construction.
Beyond minimum requirements, the second tier of external risk mitigation includes monitoring maintenance holes, segregating the security system from the rest of the network, and providing a trained and educated support staff for IP-based surveillance systems.
Maintenance holes throughout the property should have proper surveillance coverage, with the intent being to eliminate infiltration. While the conduit below the data center grounds will be encased in concrete, the same conduit at certain locations in the pathway will be accessible through maintenance holes. Because these locations are physically accessible from the ground level, and therefore vulnerable, 24/7 video surveillance is recommended. In addition, similar to any portal in the data center, a mechanical sensor connected to the access control system should be installed at the maintenance hole cover in order to alert a security guard when the cover is removed or compromised.