Print Page   |   Contact Us   |   Report Abuse   |   Sign In   |   Join the DCA
DCA Member Search
Event Calendar

07/06/2017 » 28/12/2017
Training & Education Courses in 2017

07/11/2017 » 08/11/2017
Zettastructure

07/11/2017
Westminster Forum - Energy

15/11/2017 » 16/11/2017
Data Centre World Paris 2017

22/11/2017 » 23/11/2017
EMEX 2017

Top Contributors

DCA Member's Blog
Blog Home All Blogs
Please post data centre industry comments, experiences, ideas, questions, queries and goings-on here - to stay informed with updates, ensure you are subscribed by clicking the "subscribe" button.

 

Search all posts for:   

 

Top tags: Date Centre  Datacentre  efficiency  EMKA UK  central  Cooling  data  data centre  London  cloud  data centre security  Location  pue  swinghandles  connectivity  EMKA  energy-efficient computing  LDeX Group  air management  anti contamination  BioLock  data centre cleaning  data centre security;  disaster recovery  EU CODE of Conduct  infrastructure  planning  power  university of east london  building 

Toward Zero Security Breaches with EMKA/Digitus Biometric Technology - 5 considerations for securing your sensitive data

Posted By Andy Billingham, EMKA (UK) Ltd, 05 April 2017

If you manage your own data centre, colocation facility or technical data repository, then you know how important security is. It is essential that you safeguard sensitive information from physical theft, hacking, data breaches and human error. Fortunately, much has already been written about this topic, but this article is intended help you strengthen your security strategy going forward. Accordingly, EMKA have identified 5 considerations that will help you protect your data centre:

1. Identify your physical weak points and determine your need:
The first thing you need to do is figure out is where your vulnerabilities are. For example it is never a good idea to build a data centre against outside walls, similarly pay attention to what is housed above and below your data storage facility. By securing these weak points, you can eliminate the most obvious threat – someone breaking in. Small data centres especially may be located in a multi-floor building, in which case consider installing physical barriers, cameras and access control systems. Additionally, it is important to examine your operational processes so that visitors and contractors are not let inside your server room accidentally.

2. Keep track of all your workflow processes:
It is critical that you keep track of your operations and compliance-related activities. You want to limit access to your data storage centre to IT staff and organizational stakeholders. As such, you should regularly monitor your access logs and perform audit checks. Keep track of peripherals, servers and data centre management software, looking for any suspicious activity. If your data centre is in a colocation facility, and you have a trusted provider, most likely your assets are safe and well-maintained. However, a prudent strategy should involve regular audits, regardless of where the centre is housed. Remember holding and managing data may well be the very core purpose of your organisation.

3. Watch out for human error:
The most common form of data breach is that committed by insiders. It is now recognised that danger comes in the form of poor engineering, carelessness, or corporate espionage, but in all cases, people working in your facility pose the biggest risk. Accordingly, it is necessary that you implement strong security policies that hold personnel accountable for their access permissions. It is advisable that you pair access cards with biometric security, such as fingerprint scans, for the best possible defence. Biometric security is safer than passwords and much harder to replicate or steal. Employees will be deterred from lending each other access cards, and if one is stolen, it will be useless to the individual who tries to access your server room. It is important to understand that access should never be shared in an organisation.

Upon enrolment, the EMKA/Digitus Biometrics fingerprint reader creates a multi-point schematic of the user’s biometric fingerprint profile, which it stores as a 384-byte fingerprint template. This template will be matched to the user’s live fingerprint each time that user seeks to gain access. At no time is a fingerprint stored in the system. The system only retains the pattern recognition used by its algorithm.

If the fingerprint data perfectly matches the stored fingerprint template, the reader unit sends an encrypted “open door” command to the control unit. The unit then opens the electric lock and logs the date/time of the user entry.

Due to the precision of proprietary fingerprint recognition technology, fake fingers, the wrong finger, or a finger of someone deceased cannot fool the system and open doors to access secured areas. Further the authorized person may place on the reader a “duress finger” programmed into the system to send an alert to security personnel.

4. Educate your people on security policies:
A big part of having a strong security system is staff member training eg explaining to staff why they should not lend each other access cards and instructing them to report any suspicious activity. Additionally, let them understand that for compliance purposes, workflow processes are strictly segregated and monitored. Often, regulatory agencies will want to see who access which piece of information and when. Eliminating duplication of access means that you are able to adhere to compliance standards with greater ease.

5. Ask your business stakeholders for their feedback:

Once you have a security system fully in place, the next thing for you to do is discuss your policies with staff members. Ask them if they agree your assets are secure. Are they accessing data with ease? What are some potential vulnerabilities? It is also a good idea to talk to your IT staff and get their opinion on the matter.

Ultimately, as data becomes more central to business, enterprises will look for better ways to secure data. Biometric access control systems and two or three level extensions of these allow companies that manage data storage centres, colocation facilities, server rooms and the like to maintain better control of perimeter doors, interior rooms, cages and server racks – with one integrated platform. These sophisticated solutions help organizations prevent data breaches, hacking and problems related to human error. Additionally, these solutions reduce costs and simplify the authentication process for entry to secured locations.

Contact EMKA to discuss your data security issues.

 Attached Thumbnails:

Tags:  biometric fingerprint reader;  biometric security  colocation facility security  data centre security  technical data repository security 

Share |
PermalinkComments (0)
 

How to protect micro data centres and individual defined high risk cabinets in data centres or co-location situations

Posted By Andy Billingham, EMKA (UK) Ltd, 09 September 2015
This white paper by our MD Andrew Billingham is a must read for managers of small data centres as it addresses the issues involved in physical protection of valuable or sensitive data, right down to the level of a single server cabinet.

Andrew asks the question: “How secure is secure?”

According to the most recent studies, only about 20 percent of data centres are secure, leaving an overwhelming 80 percent at risk. It is likely that small centres are at the high end of this range. Fortunately there is wide commonality among Data Privacy Directives in that when boiled down to their essence, data privacy rules and regulations all seek to accomplish the same thing. Government regulations and non-government standards invariably ask four basic questions regarding access to sensitive information:

• Do you have safeguards in place to control access to sensitive data?

• Are you able to continuously monitor who is accessing sensitive data?

• Are you alerted in real-time when information is being accessed without authorization?

• Can you produce an audit trail showing who has accessed sensitive data and when they accessed it?

It’s important to remember that “access” within the context of these questions means physical access as well as network access, and that specific requirements for controlling physical access exist in all rules and regulations concerning the protection of private or sensitive information.

The Cabinet Sentry with biometric processing at the cabinet handle is reviewed as a best practice solution.

The full white paper can be downloaded at www.emkablog.co.uk/cabinet-sentry.

Tags:  biometric processing  cabinet sentry  data centre security  EMKA  server cabinet security 

Share |
PermalinkComments (0)
 

Standalone Electronic Security for Data Centre Racks

Posted By Andy Billingham, EMKA (UK) Ltd, 05 March 2015

We are delighted to offer base level standalone electronic cabinet security with our 1150 electromechanical swinghandle.This provides digital PIN pass code protection for a main lock, plus one other, e.g. a rear door or possibly a neighbouring rack. In a day-to-day data centre or co-location environment the digital keypad can operate two doors together or separately with mechanical cylinder key locks retained for use in case of power failure.

The electromechanical 1150 features an activation window when the correct code is entered on the pin pad then the lock is pre-energised and a green LED is illuminated on the handle. The handle lever then needs to be depressed briefly and released within a live window. After this the window closes and the lock resets – a correct PIN must then be re-entered. Five different PIN codes are available per handle. The administration of the code numbers is carried out directly at the keypad and requires authorisation via special master code number.

The 1150 electromechanical swinghandle is suitable for multi-point flat or round rod systems as well as using industry standard cut-outs, so is a simple retro-fit to upgrade existing equipment with single point or multi-point rod lock installations.

Tags:  data centre security  digital keypads  electromechanical swinghandles  electronic cabinet security  swinghandles 

Share |
PermalinkComments (0)
 

Combination Swinghandle for Data Centre Security

Posted By Andy Billingham, EMKA (UK) Ltd, 16 February 2015

We recognise that even small Data Centres of a few server cabinets handling low sensitivity information still require an appropriate locking system. The 1155 program combination swinghandle is one such solution for data/co-location centres, but also for hardware protection such as bike lockers at universities or other establishments.

The 1155 swinghandle features a conventional round cylinder lock keyed all the same or different as required – this is used in conjunction with a three digit combination lock. The handle may be released using the key only – which also permits the three dial combination to be set. Once set the handle may be released by use of the combination alone – thus the key/pin priority is established for blocks of cabinets with a hierarchy of control.

The IP65 rating also ensures suitability in arduous industrial situations such as banks of control cabinets in a factory environment. The 1155 uses industry standard cut-outs so is a simple retro-fit to upgrade existing equipment with single point or multi-point rod lock installations.

Tags:  combination swinghandle  data centre security  EMKA UK  locking systems;  swinghandles 

Share |
PermalinkComments (0)
 

New BioLock 3500 program offers greater personnel and data protection

Posted By Andy Billingham, EMKA (UK) Ltd, 22 December 2014

Biometric (fingerprint) technology joins digital and RFID card security in our latest developments for the Electronic Locking and Monitoring (ELM) cabinet access and environmental control system, which operates with our modular swinghandle and cabinet locking components.

The addition of the EMKA BioLock, with integral fingerprint reader, to the ELM program now offers a superior level of security for protection of valuable data in compliance with PCI, SOX, SSAE 16 and HIPAA in support of EN 50600 – with unique, personal identification and traceability. The use of biometric access control gives the possibility also of an operator designating specific alarm fingers which both open the system and set off a remote alarm to warn of an operator under threat, so enhancing personal safety.

The BioLock, in conjunction with PIN codes and RFID access cards, provides an extremely high 3 level security protection which may be applied on an individual cabinet or on a designated block of cabinets with, for example, a group controller supplemented with separate cabinet release protocols. Multiple releases of separate panels on individual cabinets are catered for by means of linked ELock slave units.

BioLock management is handled by means of Control Cockpit software which provides comprehensive control and monitoring functions with the flexibility to add/remove/report/alarm in support of the SYSLOG standard – plus an SNMP interface for integration with third party systems.

Contact us to review your needs and how BioLock technology can help improve your access security.

Tags:  biometric locking systems  data centre security  EMKA BioLock  EMKA UK  locking systems 

Share |
PermalinkComments (0)
 

Game Changing Access Control technology and Bullet-proof Physical Security with Indisputable Audit Trails

Posted By Andy Billingham, EMKA (UK) Ltd, 15 December 2014

There have been several breaches of security at high profile institutions in recent times, and almost every day brings a new story of how a building has been compromised and critical data or hardware destroyed or stolen.

It is believed that breaches of security at data centres comprise over 40% of data loss, sabotage and attack.

More than ever before data centre security and physical IT assets are at risk. Whether it is from perceived outside threats or from internal team members, threats to the data and the customers’ critical data continue to grow. A 2011 Gabriel Group Survey* states that over 60% of today’s malicious security breaches are at the hands of company insiders.

Data centre operators have long understood the need for physical access control on server cabinets. In corporate facilities, where data centres are potentially exposed to a significant number of employees, mission-critical servers must be protected from thumb drive data theft and from theft of a server itself. Those same considerations apply to colocation facilities, which must also reassure customers that their servers are individually secure within a generally secured facility.

Certainly, there are many ways of securing data centres, and many solutions have evolved over time to address access control at doors and server cabinets.

Physically securing private information in data centres has proven challenging however, as the necessary technology has lagged far behind network security technology. The network security industry is a steady stream of innovative response to high-tech threats. For most data centres, physical security rests with technology from the last millennium.

In practice, even those enterprises that are highly concerned about addressing risks related to physical access have been unable to elevate alerts and audits to the level possible for network security. This is primarily a matter of deficient technology, as 100% accurate alerting and auditing solutions for physical access have typically extended no further than a data centre’s front door.

The problem is because those solutions evolved separately to address individual access points, rather than addressing the overall needs of the data centre. In contrast, this new Biometric system is designed with an eye toward overall facility needs, and is unique in its ability to serve as a single, networked platform to completely secure every access point throughout a data centre – right up to the server cabinets themselves!

This new EMKA Biometric operated handle provides, for the first time, unique finger print technology stored and processed in the handle on the cabinet with an “Indisputable Audit Trail” to protect valuable data and is compliant with the various data privacy rules and regulations such as: PCI, SOX, SSAE 16 and HIPPA. 

The need to protect sensitive data has never been higher, from the perspective of both good business practice and regulatory compliance – and that applies to physical as well as to network access.

Physical security does not guarantee compliance, and compliance does not guarantee physical security. But the availability of a single, networked platform that can deliver biometric access control to every access point within an enterprise, with an indisputable audit trail, is a strong step toward unifying compliance and security programs – right up to the server cabinets themselves.

There are already in excess of 500 of these new Biometric systems installed, none of which have been breached.

View here for details of the EMKA BioLock system.

Contact us to discuss your Data Centre security needs.

 

Tags:  biometric handles  biometric systems  data centre security  EMKA UK  server security 

Share |
PermalinkComments (0)
 

BioLock from EMKA UK – a New Biometric Locking System for server racks launched at Data Centre Expo in October

Posted By Andy Billingham, EMKA (UK) Ltd, 08 December 2014
Updated: 09 December 2014

EMKA, together with sales partners Data Racks, launched our new biometric locking system at Data Centre Expo – @ Excel London on the 8th and 9th October 2014. The new system addresses concerns that breaches of security at datacentres comprise over 40% of data loss, sabotage and attack. EMKA BioLock provides for the first time unique finger print technology stored and processed in the handle on the cabinet with an “Indisputable Audit Trail” to protect valuable data. EMKA BioLock is PCI, SOX, SSAE 16 and HIPPA compliant.

Fingerprint technology on-the-handle enables the individual and/or combination of individuals permitted to access servers via the cabinet to be determined by a distributed security network based at the cabinet with all 10 fingers being recognised and 2 permitted as “duress fingers” which still open the cabinet but set off a remote alarm. There are already 500+ BioLock systems installed at high security locations such as US Airforce, US Army, NORAD, Memorial Medical Centre, Syracuse University, and the US Naval Academy.

The system was further exhibited exhibited at Data Centre World Dublin @ the RDS Centre on 11th – 12th November and will also be at Data Centre World @ Excel on 11th – 12th March 2015.

Tags:  biolock data centre security  biometric locking system;  biometric technology  data centre security  EMKA UK 

Share |
PermalinkComments (1)
 
Sign In
Sign In securely
News

Data Centre Alliance

Privacy Policy