51
WWW.7X24EXCHANGE.ORGSources:
Shey, Heidi. Understand the State of Data Security and Privacy: 2013 to 2014. Forrester. October 1, 2013.
2015 Cost of Data Breach Study: Global Analysis. Ponemon Institute. May 2015.
Cooper, Mark B. President and Founder of PKI Solutions.
Andre Motta is General Manager at IDenticard
®
Access Control. He can be reached at
[email protected]INTERNAL DATA BREACH: IT CAN HAPPEN TO ANY COMPANY
Organizations of all sizes and types
are vulnerable to data breaches—
whether accidental or malicious,
internal or external.
The traditional means of restricting
and managing physical access at
data centers focus primarily on the
center’s perimeter and facility, while
internal security at the server rack
level–the source of valuable data–is
minimal or nonexistent. Data centers
must be able to track and record
access to the rack, including the
user’s credentials, date, time, and
duration of access. Doing so
positions a data center as a modern,
progressive, facility in a highly
competitive marketplace.
Failing to provide superior access
control at the rack level leaves data
centers and their clients vulnerable
to data breaches that can result in
devastating and costly
consequences: loss or theft of
sensitive data and/or company trade
secrets; significant fines and
penalties levied by regulatory
agencies; legal fees, loss of customer
(current and potential) trust and
business, and a tarnished reputation.
6
5
4
Reporting and auditing capabilities
Some regulatory bodies require
auditing capabilities. Data centers
that have the capability to
generate these audit reports that
include the length of time a
particular user has had access to
the server rack, may increase
revenues by charging tenants an
additional fee for the report.
Consider these features:
• Knowing who accesses server
racks, where, when, and for how
long is essential to an effective
physical security solution.
• Customized reports that may be
exported as Excel, Word, RTF, or
PDF files are important for the
tenants and provide an additional
revenue stream for the data
center.
• A Scheduler Wizard makes it easy
to automatically schedule, save,
and email reports to authorized
recipients at pre-determined
times.
Easy installation at the point of entry
Be sure that you understand how a
system will be installed and the
associated installation costs. Some
systems that are promoted as simple,
low-cost solutions often require an
end-of-row installation which is more
labor intensive and takes up
premium wall space with mounting of
hardware enclosures and conduit on
the wall. Moving end-of-row systems
to change the layout of a room or
floor can cause major headaches and
the associated rewiring process is
especially cumbersome.
Consider these features:
• Hardware that is installed directly on
the server cabinet door and doesn’t
take up valuable wall space.
• All electronics at the door are
powered over Ethernet meaning
fewer wires during installation.
• Factory-wired hardware eliminates
mistakes during installation and
greatly reduces labor costs.
Eliminating the need for cages
New physical security solutions can
make server rack cages virtually
obsolete. There are a number of
benefits to their elimination,
including the following:
• Cost savings for the tenant. By
removing cages, tenants can use
racks that are 48 inches deep (instead
of 40 inches), which can be
configured in fewer rows to save
space. Tenants also may eliminate the
expenses associated with cage use,
including reconfiguring them and
running cables.
• Increased income potential for the
data center, which may have more
space to lease to additional tenants.
• Savings on the cost of power. By
eliminating the need for cages, data
centers can position rows for optimal
airflow to cool racks and reduce
energy costs. Improved cooling can
also extend the life of the tenants’
equipment and improve performance
by reducing hardware failures.