Server Room Access Control
No matter what size the IT facility, physical access must be managed and controlled by means of a server room access policy. The IT server equipment within a server room or datacentre is not only expensive but the data processed and stored must be protected always from theft and damage. Supporting systems including HVAC and UPS systems and standby power generators must also be protected for overall resilience.
Datacentre Secure Access Systems
Datacentres have dedicated spaces including areas designated white-spaces for the IT equipment and grey-spaces for power and HVAC plant systems. Access to these parts of the datacentre is controlled and managed. In contrast, many smaller server rooms provide a dual function housing IT server racks and potentially a store for archives and general storage. Server Room Environments provides a range of server room access systems for critical IT facilities including:
- Access Control Systems: using an access control smart card system integrated into a building’s infrastructure with each card having access and point-of-entry rights. Access control card systems are suitable for datacentre where it is necessary to restrict access and movement within certain areas. The cards can be programmed for a range of access privileges (from general visitor to IT manager and maintenance engineer) including: floors, doors, elevators, HVAC and lighting systems. Access control cards can also be augmented with more advanced biometric recognition systems including fingerprint and iris-recognition.
- Keyless Locks and Electronic Code Systems: these are less complex server room access control systems that require a code to be entered for access to be granted. Whilst it is possible to zone areas for security, the code might never or rarely be changed (even if an employee leaves) and may be leaked to other members of the organisation. Some more sophisticated systems provide employee-specific access codes which can mitigate this.
- Locks and Keys: the simplest form of access control which can be secure if used correctly. Keys access can be restricted (signed in and out) and care should be taken to ensure the keys are not duplicated. An added measure would be to change the locks (and corresponding keys) on a regular basis.
Surveillance is an important part of an access and server room security system and should not be underestimated. CCTV cameras can be fixed cable, IP-based or WiFi wireless and the use of smaller web-cams can also increase surveillance and monitoring capabilities.
The construction of the server room or datacentre can also add to the overall design and security. The design should include architectural and construction features that discourage, prevent and defeat any attempts at intrusion and break-in. Single break-in points must be avoided and any entry points protected with a correctly specified and installed access system.