How are data centres failing to connect the dots between cyber and physical security?

How are data centres failing to connect the dots between cyber and physical security?

Nick Smith, Business Development Manager at Genetec, says that in order to secure an organisation against cyberattacks, it should approach security holistically – recognising it as both a business issue and an IT issue and both should work together collaboratively to address it. 

As the use of data centres has grown in popularity, so has the need for strong security measures to protect the valuable data stored within them. Those measures must simultaneously prevent unwanted entry in the real and virtual world, yet it’s common for one person or department to have this joint oversight or responsibility. 

Typically, the responsibility for cybersecurity lies with the IT department, while physical security falls under the remit of the facilities team. These two teams often work independently, with infrequent communication or collaboration between them. 

This failure to connect the cyber and physical security dots can have serious consequences. A hacker who gains access to a data centre’s network, for example, can cause physical damage by shutting down critical systems or starting a fire. A physical attack on a data centre, on the other hand, can result in the theft of sensitive data or the destruction of critical infrastructure.

To address this issue, data centre operators must adopt a more comprehensive security strategy. This necessitates a mindset shift as well as a willingness to break down silos between different security teams. A more comprehensive approach to security should account for the entire security context and address them in a unified plan. 

Security as a shared responsibility

Data centre security is a shared responsibility and cybercriminals use a comprehensive approach to detect vulnerabilities. Thus, data centres must adopt an integrated approach that addresses both virtual and physical threats, requiring collaboration between IT, physical security teams and other departments within the organisation. Securing against cyberattacks depends on a combination of people, processes and technology and should not be addressed within departmental silos. Effective collaboration with colleagues from other departments is essential for success.

To secure an organisation against cyberattacks, access to physical servers must be restricted, monitored and audited. HR, physical security and information security professionals all work together to support the business and mitigate risk in a data centre environment. Employees, contractors and visitors to data centres all require access to restricted areas regularly. Therefore, organisations should approach security holistically, recognising it as both a business issue and an IT issue, to address both virtual and physical threats.

A layered approach

Securing a data centre requires a multi-layered approach to defend against potential threats. Each perimeter of a data centre has its unique set of access rights, risk profile and operational requirements, so controlling access to the facility is only the first step. It is equally critical to manage access to specific data halls, rooms and even individual cabinets. A comprehensive plan that discourages unwanted incursions is essential and can include a combination of technologies such as video surveillance, licence plate recognition, biometrics, LiDAR and fencing. However, relying too heavily on any one technology is not recommended and a layered approach ensures that if one method fails, other measures are in place.

Automated alerts and a structured process can help security operators to identify, investigate and resolve potential threats quickly and consistently. Depending on security operators to manually monitor incoming sensor data for potential security issues may not suffice as it can be overwhelming. A layered approach to data centre security that incorporates a combination of technology and well-defined processes can help to protect against unauthorised access and potential threats, ensuring that data remains secure.

Centralising security operations

Centralising security operations enables data centre operators to monitor activity across their physical site and networks, ensuring regulatory compliance and a smooth flow of people. Manual intervention in the access control system can lead to human error and make criminals vulnerable to social engineering techniques. A physical identity and access management solution, automating workflows and bridging physical and IT security, can be implemented to reduce these risks and improve cost efficiencies. It is critical to invest in a scalable and unified security platform that takes into account user needs both inside and outside of the physical security function.

Compliance operations can be simplified and irregular activity detected more quickly by implementing a centralised security platform. Automation is required to ensure that these activities are carried out consistently. By combining resources and expertise from across the organisation, a common platform with greater capabilities than any one function could develop alone can be deployed. This simplifies day-to-day operations and prevents future issues caused by overlapping systems that create operational blind spots as a result of a failure to integrate.

Securing IoT devices

Finally, it is critical to ensure that physical security systems do not pose any cybersecurity risks, as attackers can gain network access by exploiting vulnerabilities in IoT devices such as security cameras, access control readers and alarm panels. IoT attacks primarily target routers and connected cameras, accounting for more than 90% of all such attacks. To reduce these risks, it is critical to take preventive measures such as running the most recent firmware version and avoiding default passwords.

Physical and cybersecurity responsibilities must be shared to avoid unplanned downtime. Security teams need to work to update core business systems and devices, while also maintaining current hardware. Automation can be used to reduce employee burden and more efficiently manage firmware and passwords. Organisations can ensure a robust cyber-physical security framework, prevent potential network entry points, eliminate cybersecurity vulnerabilities and avoid unplanned downtime by integrating physical and cybersecurity measures into a single plan. A comprehensive security approach is critical in protecting data centres from potential threats.

Conclusion

With the UK’s data centres supporting an Internet economy that accounts for more than 16% of domestic output, 10% of employment and 24% of total UK exports, it is clear that data centres have become the heart of modern business. Data centre operators must recognise the importance of connecting the dots between cyber and physical security to ensure comprehensive data protection. By implementing a shared responsibility approach, centralising security operations and leveraging automated access control and monitoring systems, data centre operators can improve their security posture while remaining compliant with regulatory frameworks. By combining the right people, processes and technology, data centre operators can maintain customer trust while also protecting against the potentially devastating impact of cyber and physical security breaches.

Browse our latest issue

Intelligent CISO

View Magazine Archive