Data center security is the set of physical and digital support systems and measures that keep data center operations, applications and data safe from threats. Data centers are facilities that provide shared access to critical applications and data using a complex network, compute and storage infrastructure. Industry standards exist to assist in data center design, construction and maintenance to ensure the data is both secure and highly available.
Data centers must be protected against physical threats to their components. Physical security controls include a secure location, the building’s physical access controls, and monitoring systems that keep a data center facility secure.
In addition to the physical security systems deployed within a data center (cameras, locks, etc.), data center IT infrastructures require a thorough zero trust analysis incorporated into any data center design. As companies migrate on-premises IT systems to cloud service providers, cloud data storage, cloud infrastructures and cloud applications, it’s important to understand the security measures and the Service Level Agreements those providers have in place.
Data centers should be in a secure location, which includes:
Security best practices for physical access controls in a data center involve implementing defense in depth. This means setting up multiple layers of separation and requiring access controls at each layer.
For example, initial entry may rely on biometric scanners, followed by sign-in verification from security personnel. Once inside the data center, equipment is separated into different zones, and access to each zone is verified. Additionally, video surveillance monitors all of the protected areas of the facility.
Every point of access into the data center needs to be secured. This includes:
In addition to physical protections, data centers also require security focused on digital threats. This includes implementing data center IT security access controls and selecting security solutions tailored to the needs of data centers.
The main goal of data center security is to secure the servers. This includes implementing the following security controls:
Data centers should also leverage firewalls for network-level security, including:
To ensure that security isn’t a bottleneck, data center security solutions should:
Different systems require different security solutions. For example, perimeter-focused security solutions are designed to protect clients, while data center security protects the servers.
Enterprise clients typically have access to the whole Internet, so they need protections that prevent threats in web and email, and application control to prevent the use of risky applications. Client-focused protections include:
These same security measures do not apply to data centers, which are composed of servers rather than user devices. Data center networks require the following security features:
Companies now spend about the same on cloud infrastructures as they do on on-premises data center infrastructures. As companies move their IT assets to the cloud, it’s important to maintain the same security. This involves using security that supports virtual environments and cloud-native APIs and that integrates with data center advancements in networking such as VXLAN and software-defined networking (SDN).