As digital services have become increasingly essential to our daily lives and the operations of large enterprises and organizations, the destructive potential of attacks on data centers has increased exponentially. Ultimately, an attack on a data center could have a massive impact on the availability of essential digital tools and services that organizations rely on. With data centers effectively becoming critical infrastructure, adopting resilient and effective physical security solutions for data center campuses and buildings needs to become a top priority for many hyperscalers and data center operators.
Attempting to harden and secure data centers might seem like paranoia to many outside the industry. But, as Joseph Heller wrote in his novel Catch-22, “Just because you’re paranoid doesn’t mean they aren’t after you.“ The threat is real and has been repeatedly demonstrated in the past few years.
In April of 2021, just a few short months after the events of January 6th, a Texas resident was arrested by the FBI. This man, Seth Aaron Pendley, would later plead guilty and be sentenced to 10 years in federal prison for planning to purchase an explosive device, drive to Virginia, and blow up an Amazon Web Services data center.
Shockingly, this is not an isolated incident. In October of that same year, a small political group in Greece took responsibility for firebombing a government data center as a way to make a political statement. That incident ended a year that began with the successful attack on a Verizon data center in Nashville that impacted the availability of wireless services and even disrupted the FirstNet first responder network.
…many of the same AI technologies and sensor solutions being implemented in the world’s most advanced airports for passenger security checks are making their way into the data center.
While many of these attacks were either stopped in advance or resulted in minimum damage and disruption, they illustrate a disturbing trend that data center owners and operators need to pay attention to. Thankfully, new physical security tools and solutions are becoming available for data centers that can increase security without creating undue stress or roadblocks to seamless data center operations – if part of a well-thought-out and strategic physical security plan.
Beginning with the “basics”
Those who are looking to gain access to a data center campus or building for nefarious reasons are most likely going to attempt to do so at the most logical points – the established points of ingress and egress. With threats to data centers rising, data center owners and operators need to put more thought and consideration into the entryways, lobbies, and gatehouses that protect their data center campuses and buildings.
While a standard commercial front door and a lobby with a security guard and turnstile may have been pro forma in the past, it is no longer enough in a world where malicious actors actively attempt to gain access to a data center. This is why Compu Dynamics was recently tasked with upgrading the physical security of points of ingress and egress at thirty-two data centers by one of the world’s largest cloud providers.
As part of that program, Compu Dynamics upgraded standard doors at the entrances to the data center with doors that are FEBR rated, resistant to bullets and forced entry. We incorporated anti-vehicle bollards at the entrances to keep motor vehicles from pushing through physical security features. We also worked to harden and strengthen the guard gates at the entrance to data centers – implementing anti-vehicle wedge barriers, and drop arms capable of stopping large vehicles from entering at high speeds.
These are all relatively simple upgrades to standard security features that are now necessary in light of the increased risk facing modern data centers. These upgrades to what many would consider the “basics” of traditional data center security are important in protecting the data center, and the employees that work in the data center. But they’re not the only new and upgraded solutions modern data centers should look to implement.
Getting high-tech with physical security
Data center owners and operators who want to start taking the physical security of their campuses and buildings more seriously have a new ally in one of the world’s most exciting and impactful new technologies – Artificial Intelligence (AI).
While physical security is essential for data centers – especially today – there are drawbacks to many of the traditional methods of increasing security.
For example, many data center owners and operators might look to increase security by implementing guards at the entryways that are responsible for screening all employees and visitors looking to enter and exit the data center. While this is effective, it creates two challenges for the data center owner and operator.
First, multiple security guards are needed to staff all entry points around the clock. This is a huge increase in staff requirements and costs. Next, the physical act of patting down or screening each individual visitor – especially those seeking to enter with tools or other equipment – can be slow. Stopping and screening every individual as they attempt to gain entrance to the data center can cause delays and slow operations and workflows.
This is where AI can pay dividends.
…perimeter defense systems are potentially even more important than the security systems in the data center – stopping threats to the data center before they ever make it onto the campus.
Compu Dynamics is currently working with a leading hyperscaler to prototype and integrate a new AI solution that will effectively automate the screening of individuals as they enter and leave the data center. This solution does not require any additional staff and can even be implemented at unmanned sites, which ensures that security can be increased without increasing personnel costs. It also works quickly, eliminating the bottlenecks and delays that often arise with traditional security checkpoints.
Effectively, this solution enables all individuals seeking access to the data center to place their tools and equipment on a tray. The solution – which leverages high-definition cameras, x-ray devices, advanced sensors, and AI software – then scans the tools and equipment on the tray to ensure that it is not a threat to the security of the data center and the safety of its employees.
Should something be identified that should not be brought into a data center, an alarm sounds and results in a security response. If nothing malicious is found, the individual is cleared into the data center on their own, without interacting with security professionals.
Many of the same technologies are also being implemented within the data center to identify visitors. In fact, many of the same AI technologies and sensor solutions being implemented in the world’s most advanced airports for passenger security checks are making their way into the data center.
Taking a lesson from airport security
Biometrics is one of the leading technologies embraced by airports and airlines for passenger security. There is a very good reason for that, as the use of biometrics is directly correlated with expedited passenger journeys, improved passenger experience, and more seamless operations.
As Tony Chapman, the director of industry affairs, alliances and strategic initiatives at Collins Aerospace, recently explained to Connected Aviation Today:
“With biometrics in place, complicated processes that require passengers waiting in line to show an airport employee or government official their physical documents could be eliminated or expedited.”
This same technology can be used to restrict or grant data center visitors to the data center itself or even to individual data halls – ensuring that verified individuals are given access and that access is limited to only the areas they need.
Similar technologies are also being leveraged at the perimeter of the data center campus, ensuring that individuals entering or leaving the campus are verified and do so through the established point of entry. Leveraging advanced sensors and AI technologies, data centers identify and verify individuals at the gatehouse, scan what they intend to bring into the campus, and even scan the fence line.
With threats to data centers rising, data center owners and operators need to put more thought and consideration into the entryways, lobbies, and gatehouses that protect their data center campuses and buildings.
These perimeter defense systems are potentially even more important than the security systems in the data center – stopping threats to the data center before they ever make it onto the campus. But these new technologies and physical security upgrades will be useless if not integrated thoughtfully.
Have a plan
While it will always be easier to design and construct a new data center with hardened and resilient physical security features, it’s not impossible to retrofit older data centers to be more secure. But all retrofits need to be done in a methodical, planned-out, and comprehensive way to ensure they’re useful and cost-effective.
Changing just one door to a door that is resistant to forced entry won’t make the data center safer – it will just waste the data center owner’s money. Implementing an advanced AI solution to scan tools and equipment at the front door, but not doing so at the gate will limit the effectiveness of the deployment. These things need to be approached more deliberately – data center owners and operators need a plan.
Working with a data center security expert, data center owners and operators can create a comprehensive plan that takes a more holistic approach to campus security. These experts can look at the entire data center campus, identify its vulnerabilities, and then recommend changes, physical security features, and advanced security technologies that will make a real difference in the safety and security of the data centers.
With the risk to data centers rising – as data centers have become critical infrastructure – it’s essential that data center owners and operators engage with trusted physical security experts to create a rational approach to physical security. Whether they’re designing a new data center, or retrofitting an existing one to be more secure, now is not the time to sacrifice on the security of data centers.
