Thursday, August 28, 2014

How Automated Key Control Can Protect Your Data Center

Modern data centerWith the string of data breaches among popular retailers during the past year, businesses are aware more than ever of the importance of cyber security.

However, one issue that hasn’t received much time in the spotlight lately is that if you take measures to protect your data against an online breach but fail to make sure your physical data center isn’t secure, you’re still susceptible to a data breach. After all, even data stored in the cloud resides in a physical data center.

Whether you store your data in a self-managed on-site facility or outsource it to a data vaulting vendor, you need to take adequate steps to protect the hardware containing your data against physical intrusions.

Restrict Access to Data Center


The Corporate Compliance Insight blog relates an account of a software company that went out of business after its backup tapes and a server containing all its database data were stolen. Over the weekend, thieves had jimmied the lock to the double front doors through a gap in the entryway. They simply entered the data center, which had been left propped open to provide better temperature control.

This company’s experience demonstrates that in the same way you encrypt data to deter cyber attacks, you need to ensure that the physical area in which your racks are stored is protected by secure door locks and make sure doors remain locked at all times.

Implement Rack-Level Access Controls


Data center security breaches don’t always happen after hours. One of the easiest ways to gain unauthorized access to a data center is by tailgating, where a visitor follows an employee into the facility.

For an additional layer of security, consider implementing access controls at the rack level. If you store your data at a colocation center that manages data for multiple clients, be sure you’re aware of how they secure the rack space containing your servers.

Take Precautions Against Insider Theft


In 2013, insider data breaches rose 80 percent as compared to 2012. To protect your data against physical security breaches, secure keys in a high-security electronic key control system that can restrict key access at both the user level and key level.

For example, some key control systems control user access through features such as fingerprint readers for biometric authentication, dual login requirements, motion-activated security cameras and manager-defined user permissions profiles.

At the key level, many electronic key control systems will sound an alarm or send a text or email alert if an employee attempts to remove a key they’re not authorized to have. Other systems, such as the KeyTrak Guardian, can even physically lock down keys so only authorized employees can remove them.

Use Automated Key Control Reporting


When performing routine physical security audits, key control logs are essential to determining how keys are being used and identifying potential security issues. Using an electronic key control system can automatically produce a 100 percent verifiable audit trail. This eliminates the element of human error that’s inherent in manual key control logs.

Automated reporting is also useful in that you can choose to receive an email or text alert in the event of a security breach, at which point you can run the necessary reports to investigate the issue.

For more physical security best practices, read our post "The Four Layers of Physical Security."

4 comments:

  1. A keyless section entryway lock is the sort of security framework
    utilized on entryway locks to upgrade the execution of locking frameworks.
    Each individuals like to include more security his home to guarantee the wellbeing of
    his significant resources which he wouldn't like to lose.

    keyless entry door

    ReplyDelete
  2. Nice post!
    With this integration, Automated Key Control have enhanced the ability for:
    - Effective key management;
    - Consistent access rights;
    - Greater efficiency;
    - Automated e-mail alerts;
    - Regular auditing capability;
    - Reduced administration costs.
    Also continuing this theme of data security I must admit the most reliable data sharing service of our times - Virtual Data Room. And iDeals virtual data room services is the best on the market.

    ReplyDelete
  3. Specifically, as per the Computer Security Institute (CSI) in San Francisco, California, approximately 60 to 80 percent of system abuse circumstances spring from the inside system. In this manner, in spite of the fact that system detachment is never conceivable in today's e-business environment, even physical seclusion from different systems doesn't ensure PC security. https://goo.gl/vP2gEB

    ReplyDelete
  4. Love Blue mercury! So happy there is now an Arlington location. The store carries a ton of cosmetic, skin are and hair care lines and the staff is helpful, but not overbearing. The best part of the store, however, is their spa! Sarah is amazing - professional, sweet and waxes https://www.wsj.com/articles/bluemercury-to-open-manhattan-flagship-store-1493576716.....

    ReplyDelete