Data Center Physical Security Audit Checklist

Data centers must be designed with security in mind, from protecting against unauthorised entry to maintaining service availability during natural disasters. Such measures are essential to guaranteeing continued service availability.

Physical security should not be overlooked when discussing data center security; in this article we provide an audit checklist to assess their systems.

Physical Access Control

Physical access control to hardware and data is just as critical to cybersecurity as software protection. While most discussions about cybersecurity tend to focus on cyberattacks, a breach in physical security can render all software and firewalls ineffective.

Make sure that employees and visitors entering the data center must use an entry point that is constantly monitored. Badge reader systems are an efficient and manageable way of checking identity and granting or denying entry. Simply swipe your badge at multiple checkpoints as part of a robust system for verifying who may access certain areas within your facility.

Verify that there is an established process for reviewing access logs to detect unauthorised activity and an established procedure to temporarily or permanently suspend user access when an employee leaves an organization. Furthermore, make sure credentials can be revoked along with keys being collected back from former employees when collecting locks - or alternatively that signal and power cables are encased in PVC to prevent accidental or malicious tampering with them.

Video Surveillance

At data centers, being able to quickly identify who and when is entering any given room is of utmost importance. Traditional dead bolt and 20-year-old closed circuit television systems simply aren't enough - that's why using Kisi allows you to see who entered any given room at what time.

Audits should go beyond checking access control systems and security staff, to include evaluating the process for registering, granting and revoking visitor permissions as well as monitoring them throughout the facility. This helps prevent unintentional activity during an incident or fire, ensuring compliance with local regulations as well as healthcare data protection protocols.

While most discussions regarding security involve cybersecurity, physical breaches can expose sensitive data that could cost companies thousands of dollars or hours in lost productivity. By instituting appropriate protocols and investing in advanced technology solutions, businesses can enhance security measures for their facilities, employees and customers.

Access Control Systems

Access control at data centers must prevent entry by unauthorised individuals, using biometrics or other forms of verification that are difficult to bypass or compromise.

Additionally, the system must track and record everyone who enters the facility, so in case of an incident that involves multiple individuals can easily be referenced in order to establish how it happened and who was involved.

Maintain access logs of visitors and vendors, review them frequently and ensure access is removed if an employee's job role changes and they no longer require data center access.

Security systems should also be easy to manage remotely, as this will reduce staff required at the facility and give visibility without physically being present. Kisi can monitor occupancy while also pairing with video surveillance for additional peace of mind.

Fire Protection

Fire threats pose an ongoing danger in data centers due to all the electronic equipment, wires, cables and HVAC equipment housed therein. For this reason, it is crucial that these facilities consider fire protection on all levels - building level, room level and rack-level - when planning for data protection measures.

At the building level, you should install a pre-action wet sprinkler system equipped with a valve that holds back water during regular operations and only activates upon sensing smoke or heat. Furthermore, VESDA and hot work identification procedures must also be in place so as to alert workers of risks before beginning any kind of hot work activities.

At a room level, it's essential to include both ionization and infrared fire detection systems with dual interlocks that require both alarms to activate before alarming. You should also implement a preengineered fire suppression system consisting of tubing routed through racks connected to cylinders of clean agent that will release at the first sign of fire to reduce potential damage to IT equipment and infrastructure.