Layered physical protection for data centers

Data center physical security

Share this content

Facebook
Twitter
LinkedIn

Greg Schreiber, Senior Vice President of Sales & Marketing at Boon Edam shares his thoughts on a new frontier in data center security.

Critical protection

As cyber-threats evolve, they’re no longer confined to keyboard-based attacks – today’s cyber-criminals are targeting physical vulnerabilities to compromise security from within.

Nowhere is this more critical than in data centers, where a breach in physical defenses can bypass even the most robust virtual safeguards.

By establishing unattended, secure entry solutions as multiple layers of defense, data centers can significantly reduce the risk of unauthorized access with zones of protection, bridging the crucial gap between physical and digital security measures.

The changing face of cyber-physical threats

When envisioning a cyber-criminal targeting a data center, it’s easy to picture someone at a computer in a dark room.

But today’s threats often come masked as ordinary individuals – employees, technicians laden with equipment or visitors accompanying someone without proper clearance.

Using social engineering tactics and leveraging everyday behaviors, like holding a door open for others, intruders can sidestep access control protocols designed to uphold secure entry.

Cyber-criminals recognize that modern cybersecurity measures – from firewalls to multi-factor authentication – are robust and difficult to breach.

As a result, they may opt for a simpler approach: gaining physical access to data centers.

Once inside, they can connect directly to network ports or remove data-laden devices.

The answer to effectively countering cyber-physical threats lies in implementing a layered physical security strategy, including unattended secure entry points – automated access solutions that prevent unauthorized entry without on-site personnel by using advanced technologies like biometrics.

This approach creates multiple zones of protection, minimizing vulnerabilities and significantly reducing the risk of unauthorized access to critical data.

Understanding secured entry solutions

Data centers can strengthen their defenses by installing unattended secure entry points at key locations, such as facility perimeters, main entrances and internal high-security areas.

These solutions include security revolving doors, interlocking mantrap portals and full-height turnstiles, each contributing uniquely to a comprehensive security strategy:

  • Full-height turnstiles deter unauthorized entry at the perimeter, acting as a strong visual deterrent while preventing tailgating and piggybacking
  • Security revolving doors manage authorized access to building interiors, minimizing the need for guard supervision while ensuring that only credentialed individuals enter the facility
  • Interlocking mantrap portals are essential for high-security areas like server rooms, enforcing a one-person rule to block unauthorized individuals from sensitive spaces

Combined with automated identity verification, these secure entry solutions establish a robust defense, reducing reliance on human oversight and creating layered physical security protection.

Four layers of physical security in data centers

Establishing layered security zones is essential for safeguarding data centers, with each layer acting as a checkpoint that heightens security as individuals approach sensitive core areas.

Layer 1: The perimeter

The first line of defense is the facility perimeter, designed to deter unauthorized entry entirely.

Full-height turnstiles at entry gates allow only credentialed personnel through, serving as an effective deterrent.

Advanced sensor technology now helps prevent tailgating and piggybacking by detecting multiple individuals attempting entry and locking down the turnstile when unauthorized access is detected.

Turnstiles with walk-away detection further enhance security by blocking unapproved individuals from entering restricted areas.

Layer 2: The building entrance

Once authorized personnel pass the perimeter, they encounter the second layer: the building entrance.

Security revolving doors, equipped with sophisticated presence detection, ensure that only one person enters per access attempt.

These doors can withstand physical attacks, are energy efficient and provide additional barriers against environmental threats like dust and humidity, which is essential in maintaining a clean data environment.

Layer 3: Internal entrances

An additional security layer protects the lobby and other internal areas within the building.

Security revolving doors and similar manned or unmanned access points further separate both public and restricted areas.

This layer prevents walk-in security breaches and reinforces security for contractors or visitors who require supervised access within the facility.

Layer 4: Critical infrastructure

The core of the data center’s security strategy lies in protecting its most sensitive areas, such as server rooms.

Interlocking mantrap portals enforce strict access control with identity verification measures like biometrics.

These portals admit only authorized individuals and apply the one-person rule with advanced algorithms, ensuring secure access even in cases of attempted collusion or substitution.

This design, combined with redundant checks, provides comprehensive protection for critical infrastructure against unauthorized access.

Added benefits of unattended secured entry solutions

Beyond deterring unauthorized access, unattended secured entry solutions offer several secondary benefits that add substantial value to data centers:

  1. Energy efficiency: Security revolving doors and interlocking portals remain closed at all times, minimizing air infiltration, helping maintain temperature and humidity levels and reducing dust contamination – common concerns in data centers
  2. Regulatory compliance: Many secured entry solutions can automate compliance reporting and maintain immutable access records. This assists data centers in meeting regulatory requirements like the Payment Card Industry Data Security Standard (PCI DSS) and ISO 27001, demonstrating that robust security protocols are in place for client data
  3. Labor efficiency: As data centers face staffing challenges, automated secured entry points fill security gaps traditionally covered by guards. This allows data centers to improve efficiency and reduce labor costs by reallocating human resources

Security entrances: deter, detect, prevent

Selecting the right security entrance for each layer depends on the security function required:

  • Deterrent entrances: Full-height turnstiles and other visually imposing entry points create barriers that discourage unauthorized individuals from attempting access. These entrances are often used in less sensitive areas but serve as critical first layers in a comprehensive security strategy
  • Detective entrances: Security solutions equipped with presence detection can alert staff to unauthorized entry attempts, allowing for real-time response. These are well-suited for entrances where monitoring traffic is essential, but prevention through other means, such as sensors, is not critical
  • Preventative entrances: Solutions such as revolving doors and mantrap portals prevent unauthorized entry, providing autonomous security and minimizing the need for supervision. These solutions are ideal for high-security areas where unauthorized access poses the greatest threat

The data collected by these systems provides real-time business intelligence, enabling organizations to assess risk levels, predict infiltration attempts and enhance overall security.

Physical security as a cybersecurity strategy

As cyber-threats evolve to include physical infiltration, data centers must recognize the critical role of layered physical security as part of their cybersecurity strategy.

Traditional methods like guards and standard access control systems often fall short against determined attackers.

Proactive security solutions that prevent unauthorized access in real time are essential for reinforcing cybersecurity from the ground up.

Physical and digital security measures must work together.

Unattended secure entry solutions form the foundation of this integrated approach, securing facilities from the perimeter to the server room.

By deploying these solutions, data centers can reduce risk, protect intellectual property and establish a robust, defensible perimeter against evolving cyber-physical threats.

About the author

Greg Schreiber has been with Boon Edam a total of 23 years and is currently the Senior Vice President of Sales & Marketing.

Greg’s career spans over 28 years in the security entrance and door industry in a variety of sales management roles.

Since 2013, Greg has successfully steered the North American and global accounts sales teams to produce double-digit sales growth.

This article was originally published in the special February Influencers Edition of Security Journal Americas. To read your FREE digital edition, click here.

Newsletter
Receive the latest breaking news straight to your inbox