Mike McColl, managing director of the security composite panel manufacturer Securiclad, writes on the security risks facing data centres – and what can be done to counter them.
Historically, cyber security has been top of the agenda for the data centre sector and it’s no surprise to learn that, according to BAE Systems Applied Intelligence’s latest Business and the Cyber Threat: The Rise of Digital Criminality Report, 90 per cent of UK businesses expect the number of cyber attacks to increase. But while this is indeed a key challenge, ensuring that data centres are protected from physical attack should also not be overlooked – and the construction industry has developed some innovative solutions to address security concerns, for existing operations and newly built facilities.
Security breaches can lead to high value equipment (such as server units) being stolen, interruptions to service and confidential information falling into the wrong hands: theft, corporate espionage, vandalism and terrorism can all come into play, and have major implications for businesses and their customers. A case in point – the burglary, in 2011, at an exchange facility of a major telecommunications provider in Basingstoke. During the night, thieves broke down a door in order to steal specialist networking equipment and IT hardware, and damaged routing equipment in the process. The result? Thousands of people unable to make calls or send text messages for a significant amount of time, and uncertainty, at one point, as to whether personal records had been compromised.
Thankfully, the data centre sector is now starting to become more savvy to the dangers. We are noticing significant leaps towards industry acceptance of the need to heighten physical security and increasing refinements in the design of new build and retrofit alterations which identify ‘mission critical’ areas.
And traditional security measures, of course, certainly have their part to play in this, from the installation of perimeter fencing and CCTV cameras, to ensuring that doors have appropriate security ratings and adequate security personnel are employed.
But this is not enough to prevent determined criminals. And while internally (and often externally), data centres often use standard composite panels to form walls, ceilings, and partitions, these will not provide adequate protection against serious attack from instruments such as sledgehammers, disc grinders, jig saws and high powered cutting tools… something which is crucial in protecting key areas of a data centre. With steel skins of 0.5 mm thick, and cores which offer little or no resistance, these panels can be easily breached by determined criminals. Standard brick or block walls are also vulnerable, with their joints acting as points of weakness.
Protecting servers, data and other hardware with the best possible ‘last line of defence’ is therefore vital in providing peace of mind to data centre owners, staff and customers; and creating an ‘inner sanctum’ using high security panels is a cost-effective way to provide this. We’d observed that data centres were enhancing standard composite panels, manufactured by our sister company, Isoclad, on-site, with a view to enhancing existing security levels. This resulted in additional labour and expense for those companies, as well as the fitting of panels which were neither certified nor tested. We responded to this by bringing that on-site process into a manufacturing environment and launched Securiclad, a complete and certified solution high security modular panel system manufactured to ISO9001, and achieving LPS 1175 across a range of grades.
The system can be used to create a secure environment or partition within an existing structure, or be incorporated into a new-build, and is also hygienic – crucial in ensuring that server rooms are kept dust-free.
Securiclad, which is approved by the Centre for the Protection of National Infrastructure (CPNI), and BRE to LPS 1175, is easy to install and is pre-finished, negating the need for any wet trades and keeping any disruption for a business down to a minimum. This kind of certified system can not only protect critical areas in a data centre, but also help the facility operator to meet insurance requirements. Measures such as high security panels can also address the security concerns created by co-location premises, allowing companies to compartmentalise to a higher security level and protect their critical hardware and data from unauthorised access from elsewhere in a facility.
One thing is for sure, the opportunity for security professionals to bring their expertise to bear on the data centre market is only going to increase: the UK’s data centre market is the largest in Europe and according to a recent report by Tarrif Consultancy Ltd, the sector is set to continue to grow by 22 per cent in the next five years. It’s therefore vital that awareness of physical security in data centres continues to grow too, and that security professionals are up to date with new construction solutions and techniques to meet the needs of these businesses.
About the firm
Securiclad’s LPS 1175 SR4 rated systems have been used in a range of applications to secure facilities including data centres, telecommunications infrastructure, NHS blood transfusion units, university buildings and airport cargo areas. Securiclad is approved for Government use by the Centre for the Protection Of National Infrastructure (CPNI). For more details visit www.securiclad.co.uk
