In this episode we expand on the layers of security in a Data Centre. We build on the last episode’s introduction to the layers of security and define what you are looking for in each layer of security.
From a security and risk management prospective you need to take a holistic view and identify what risks (both natural and human) it is you are trying to identify and understand.
We discuss:
A layer of security before your perimeter.
- Assessing an environment.
- Looking at your neighbours and what is around you.
- Vehicle mitigation.
- Camera visibility.
Perimeters and entry points
- Fence Lines and Perimeters
- People assessing what is happening around and before your perimeter layer.
- Do you need restricted access.
- Assessing your risks and your threats.
Security Systems and Access
- Electronic security management system.
- Video surveillance.
- Access system.
Guidelines and procedures
- Policies and procedures.
- Training all people in security procedures.
- Humans as the biggest threat to security.
Restricted Areas
- Locking down areas general people don’t need access to.
- Dual factor authentication.
- Access control and management.
- How to handle keys and ensure security.
- Keeping operations separate from the assets you are trying to keep secure.
In todays environment security is not a set and forget. The convergence of physical, cyber and network security means you need to be constantly re-evaluating you security risk management, threats and posture. If you are not, you will end up with trouble.