Beyond just cyber-attacks: taking a holistic approach to data centre security


As your data gets more critical, so does its security. Recent analysis from 451 Research reports 75% of businesses expect the importance of their data to grow in the coming 12 months. Yet that data may be worthless — or even damaging — if it is not kept safe

A 2014 Information Security & Data Breach Report report suggested three-quarters of data breaches result from compromised physical, as opposed to cyber, security. While this proportion has likely fallen in the intervening five years, many organisations still have a blind spot when it comes to the physical security of their servers. A holistic approach to data security is the answer.

How much would a breach cost you?

Costs from a data loss can be direct: in day-to-day disruption, a corrupted contacts database or deleted software. Indirect costs may be equally significant. Any loss might affect customer trust or chip away at hard-won brand equity. Violating General Data Protection Regulation (GDPR) and the Protection of Personal Information act (POPI) could cost your company up to R10 million in fines.

Holistic data security & your servers

Do you log every access to your servers? If the answer is “no”, data is at risk. Firewalls and digital hygiene protocols keep unwelcome cyber-visitors out. Holistic data security demands a physical security solution for servers, too.

At the top level, perimeter security keeps unauthorised personnel away from server storage facilities. Electronic locks with RFID readers work alongside CCTV and other measures. Effective server room security requires door access control devices such as electronic cylinders or electromechanical mortise locks alongside water- and dustproofing and electromagnetic protection.

The third, final level of physical data security is your server rack or cabinet. Server rooms experience a steady trickle of authorised traffic: cleaners, maintenance staff, repair technicians. Server rack or cabinet locking is your last line of defence against a malicious or accidental physical data breach. These are especially important in co-located data facilities, where you may not have direct control over, or even knowledge of, employee screening and other personnel checks.

The new Aperio® KS100 Server Cabinet Lock with inbuilt RFID adds real-time access control and monitoring to servers, seamlessly integrating their access control with your existing third-party access control system, whoever its manufacturer or system integrator. Racks in distant co-located data centres integrate just as easily.

According to the GDPR, businesses are obliged to inform everyone affected by a breach “without undue delay”. With Aperio® Online and connected Server Cabinet Locks, you are alerted immediately if someone even tries to get in without permission.

Could better access control help you make the step up to holistic data security? Download ASSA ABLOY’s ­­free 12-page whitepaper