We all know data centres are high security sites, requiring the highest level of security systems to stay safe and secure. Whatever the size of the data centre, a breach in security just can’t happen. So, to keep data centres safe, what security standards are in place to protect against an attack?
The International Organisation for Standardisation (ISO) published the ISO/IEC TS 22237-6:2018 outlining the standards for security within data centres and their surrounding premises. It discusses the appropriate security systems that should be implemented to protect the physical infrastructure of these sites. This document was published in 2018, and as we know the security industry moves fast. New threats and tools are being used daily, not to mention since the pandemic hit, a mass online migration has skyrocketed the growth of data centres across multiple countries. That’s why the ISO is currently in the midst of reviewing and updating this very standard with the right physical security information in line with growing online presence, new threats and tools being used. Data centres will need to review their current measures, and ensure they’re compliant with any new processes, strategies, and security systems that come to light in the updated standard.
Another well-known standard for data centres, and many other high security sites is the Centre for the Protection of National Infrastructure (CPNI) security rating for given products. It states that, “the perimeter of a site is one of the key locations where physical security measures and controls can be applied to protect both users and facilities. Without proper thought, the perimeter can become a significant vulnerability.” But what does the CPNI consider when evaluating physical security fencing systems for a high security site?
A security fencing system must:
- Demarcate the boundary of site
- Deter intruders from attempting to gain access
- Provide a delay in attack, whether that be against burrowing, penetrating, or scaling when used in conjunction with a Perimeter Intrusion Detection (PID) system
- Act as a host for said PID system
- Enable clear external view through the fence line or provide restricted visibility from outside of the compound if required.
Security measures are essential for deterring inexperienced intruders from gaining access. But what about the most determined attackers? Security measures can only hold up for a certain amount of time against these attackers, delaying them gaining access. This is where additional security controls can be added to ensure that the fencing system gives you the protection needed to allow for responders to make it to the scene.
Where scaling of the perimeter is the route of access, then the use of ‘security toppings’ can deter and delay. According to CPNI, “These are designed to increase the difficulty of climbing a fence by snagging/entangling the intruder and providing additional deterrence when using Barbed Tape Coil (BTC). A topping should not aid an intruder by providing a firm hand or foothold and must always be specified and installed in accordance with the relevant legal and safety standards.” In addition, CPNI also suggests that perimeter systems are combined with further measures such as security lighting, electronic surveillance, and electric/power fencing, providing deterrents to intruders. These areas must be covered for any product to be considered suitable for high security usage.
Alongside these physical security standards and measures that are put in place, security strategies are a necessity for an added layer of protection. Check out our latest blog post on how data centres can use the layered approach to security, protecting themselves from threats and attack.