SCAM ALERT

Building stronger defences for your data centre’s security

15/10/2024

Building a data centre is no simple matter. It requires meticulous planning and rigorous execution through various phases. Keeping data safe involves securing not just the building itself, but also the systems and infrastructure it houses. Time to take a closer look at the various threats affecting data centres and at the strategies and security measures that guarantee data’s integrity and confidentiality. 

Heightened cyber threats

Today, data centres have computerised, fully connected administration. This management covers technical supervision, power and cooling optimisation, energy performance monitoring, asset management, physical access control and video surveillance. These Data Centre Infrastructure Management (DCIM) tools enable assets to be monitored, including remotely. They deliver alerts in case of incident (intrusion, fire, power supply issue, excessive temperature, etc.), maximise availability, optimise service levels and enable a rapid response in the event of a problem.

Just like the IT applications and digital services hosted in the data centre, these tools can be targeted by attacks (including terrorist attacks), whether they are political or financial in intent. As a result, they too need to be protected against cyber threats, which are becoming increasingly frequent and serious.

Securing a data centre starts with site selection. GSE’s land search & appraisal teams analyse natural risks (earthquakes, floods) and man-made threats (such as theft) to identify suitable sites. Accessibility is also crucial: data centres need locations with controlled and secure access, away from high-risk areas.

Infrastructure: secure by design 

Data centres are critical elements of our digital infrastructure. Their design must pay special attention to the systems’ redundancy and to the buildings’ overall construction to guarantee their smooth and reliable operation.

System redundancy is essential to ensuring continuity of operations. Redundant power, cooling and network systems are a must. In the event of a component failure, a redundant system automatically takes over, avoiding any interruption of service. This redundancy ensures maximum availability of the hosted services and reduces the risk of disruption for users. 

The building itself plays a crucial role in protecting the equipment. It should be made with resistant, robust and sustainable materials. Quality construction elements improve protection against unforeseen incidents, while sustainable materials help optimise the building’s energy efficiency, reducing its environmental footprint and operating costs in the long term. 

By “designing in” systems redundancy and robust building construction with our team of BIM experts, data centres can provide a reliable and resilient service, meeting the highest data availability and security standards.

Physical security

A data centre’s physical security is a crucial aspect of the protection of the resources it houses. It implies access control, video surveillance and the presence of a team on site.

  • Access control is designed to restrict access to the data centre to authorised persons, with non-stop monitoring of entries and exits. Choosing the right access control system protects staff, assets and sensitive information. RFID-based technologies offer seamless security with features such as the protection of fob data, secure communication between fobs and readers, physical protection of the reader and secure communication with the system. By integrating RFID tags, data centres can manage & track their assets in real time and receive alerts if they are moved or tampered with – enabling staff to react quickly in the event of a threat.
  • Video surveillance is another essential component of physical security. The installation of CCTVs enables activities in and around the facility to be monitored in real time, reinforcing the site’s overall security.
  • On-site team: the presence of a security team on site 24/7 guarantees constant surveillance and ensures an effective response in the event of an incident.

By combining these various physical security measures, data centres can create a secure and protected environment for the data they house. 

Electrical & environmental safety

Electrical and environmental safety are essential to a data centre’s smooth and reliable operation. These factors are critical to preventing service interruptions, protecting sensitive equipment and ensuring optimum performance in all circumstances.

  • Generators: To ensure a continuous electrical supply even in the event of a power failure, it is essential to use uninterruptible power supplies (UPS) and backup generators. These systems ensure that data centre equipment remains operational, protecting data and critical services from any unplanned power cuts. 
  • Cooling systems: IT equipment generates heat, so a cooling system is needed to prevent overheating and maintain data centre performance. This includes the use of air conditioners, ventilation systems and liquid cooling technologies.
  • Fire detection: Smoke detectors and fire suppression systems adapted to data centres must be installed. These systems promptly detect the first signs of smoke and neutralise outbreaks without damaging the equipment. 

Thanks to these features, data centres can ensure robust protection against interruptions and potential damage – as well as maintain a stable and secure environment for continuous operation.

Data security

Data security is the very purpose of a data centre, where huge amounts of sensitive information are stored and processed. Ensuring that data is protected against internal and external threats is crucial to maintaining customer confidence and regulatory compliance. There are three essential components to this security.

Firewalls monitor and control incoming and outgoing network traffic, allowing only authorised communications according to pre-established security protocols. They prevent intrusions and potential attacks by filtering data and blocking unauthorised access. 

Data encryption protects sensitive information by making it unreadable to any unauthorised person. Even in the event of a security breach, data remains protected from unauthorised access, preserving its confidentiality and integrity.

Network segmentation divides the infrastructure into isolated sub-networks, each with its own security checks. This practice limits the spread of threats by confining incidents to specific segments, preventing them from affecting the whole network. 

These data security measures enable you to create a secure and resilient environment for your data centre.

The main data centre security standards

Although the Tier Classification of data centres does not directly reflect their standards of security, higher level facilities (Tier 3 or 4) are generally larger and more complex. As a result, they tend to incorporate more sophisticated and extensive security measures. High-tier data centres need a very strong level of protection to guarantee their standards of network reliability. Conversely, smaller data centres generally do not have the resources to implement such high levels of protection and are often classified as Tier 1 or 2

Businesses requiring maximum reliability and security need to carefully assess the level of security offered by the data centre based on their specific needs.

Design and infrastructure standards

Data centres are critical facilities requiring rigorous design and infrastructure standards to guarantee their efficiency, security and reliability. Certified by recognised institutions, these standards guarantee compliance with best practice in terms of the environment, quality and information security. 

GSE masters the application of all the technical standards attesting to data centres’ performance and reliability, including ISO 14001 (environmental), ISO 9001 (quality) and ISO 27001 (information security). 

ANSI/BICSI 002-2014

This standard covers the planning, design, construction and operation of mechanical, electrical and plumbing (MEP) building services. Aspects of maintenance, IT and fire protection are also included.

ANSI/TIA 942-A 2014

Focused on cabling and computer networks, this standard has four rating levels to describe the reliability of communication systems. It ensures that cabling infrastructures meet performance and durability requirements.

EN 50600

This EU standard assesses data centre facilities according to availability classes – ranging from 1 to 4. It covers several key aspects:

  • General concepts
  • Building construction
  • Power supply / distribution
  • Environmental control
  • Telecommunications cabling EN 50600-2-4
  • Security systems
  • Management and operating systems

Les normes réglementaires

Depending on the nature of the business, different regulatory standards may apply, including HIPPA, SOX 2002, SAS 70 Type I or II, and GLBA.

Our expertise in these standards enables us to ensure that data centres meet the strictest requirements in terms of quality, security and regulatory compliance, providing our clients with the reliable and secure infrastructure they need.

Choosing the right standards: be consistent

For data centres as in other lines of business, the appropriate standards depend on a company’s nature and location. For a medium-sized organisation, local standards can often suffice to ensure quality and compliance. When a company operates internationally, however, it may be advisable to combine local and international standards or to comply exclusively with recognised international standards – ensuring the harmonisation of practices and global recognition.

Contact us