21st-century technology catches up with access control in data centres


Friday, July 06, 2018 by EMKA (UK) Ltd

There have been several breaches of security at high profile institutions in recent times, and almost every day brings a new story of how a building has been compromised and critical data or hardware destroyed or stolen.

It is believed that breaches of security at data centres comprise over 40% of data loss, sabotage and attack.

More than ever before data centre security and physical IT assets are at risk. Whether it is from perceived outside threats or from internal team members, threats to the data and the customers' critical data continue to grow. A 2011 Gabriel Group Survey* states that over 60% of today's malicious security breaches are at the hands of company insiders.

Data centre operators have long understood the need for physical access control on server cabinets. In corporate facilities, where data centres are potentially exposed to a significant number of employees, mission-critical servers must be protected from thumb drive data theft and from theft of a server itself. Those same considerations apply to colocation facilities, which must also reassure customers that their servers are individually secure within a generally secured facility.

Certainly, there are many ways of securing data centres, and many solutions have evolved over time to address access control at doors and server cabinets.

Physically securing private information in data centres has proven challenging however, as the necessary technology has lagged far behind network security technology. The network security industry is a steady stream of innovative response to high-tech threats. For most data centres, physical security rests with technology from the last millennium.

In practice, even those enterprises that are highly concerned about addressing risks related to physical access have been unable to elevate alerts and audits to the level possible for network security. This is primarily a matter of deficient technology, as 100% accurate alerting and auditing solutions for physical access have typically extended no further than a data centre's front door.

The problem is because those solutions evolved separately to address individual access points, rather than addressing the overall needs of the data centre. In contrast, the Biometric system is designed with an eye toward overall facility needs, and is unique in its ability to serve as a single, networked platform to completely secure every access point throughout a data centre - right up to the server cabinets themselves!

The EMKA Biometric operated handle provides unique finger print technology stored and processed in the handle on the cabinet with an "Indisputable Audit Trail" to protect valuable data and is compliant with the various data privacy rules and regulations such as: PCI, SOX, SSAE 16 and HIPPA.

The need to protect sensitive data has never been higher, from the perspective of both good business practice and regulatory compliance - and that applies to physical as well as to network access.

Physical security does not guarantee compliance, and compliance does not guarantee physical security. But the availability of a single, networked platform that can deliver biometric access control to every access point within an enterprise, with an indisputable audit trail, is a strong step toward unifying compliance and security programs - right up to the server cabinets themselves.

There are already in excess of 500 of these Biometric systems installed, none of which have been breached.

Who is bringing this technology into the market?

This is a partnership between two of the leading manufacturers in their field in the physical data centre security and data cabinet market.

EMKA is one of the leading manufacturers of locking technology for data cabinets and has a turnover of €230m. www.emka.com/uk_en/company/emka-group.

Their product range comprises 15,000 articles that are developed, manufactured, processed and assembled at nine production sites in Germany, France, England, Spain, Bosnia, USA and China. The company has 1,400 employees in 46 countries worldwide.

Digitus is a leader in physical data centre security. www.digitus-biometrics.com/.

Digitus understand the importance of being proactive when it comes to securing data centres. Almost every day brings a new story of how a building has been compromised and critical data or hardware destroyed or stolen. It has been their mission to provide the most advanced access control solutions on the planet, and with their proven biometric and card access technology, have provided customers from military installations to large colocation facilities the peace of mind that their data is secured with the most advanced access technology available today.

They believe that data centre security is too important to be expensive.

Further information on EMKA Biometrics can be found at www.emkablog.co.uk/biometric-access-control/. Readers can find the latest information and news on the EMKA blog - www.emkablog.co.uk or follow them on twitter - http://twitter.com/emkauk.

*Gabriel Consulting Group (GCG) is a research, analysis and consulting firm dedicated to helping clients achieve maximum return on their information technology investment. http://gabrielconsultinggroup.com