Data Center Security Policy

Upload: satish-upadhyay

Post on 02-Apr-2018


  • 7/27/2019 Data Center Security Policy

    1/16

    NAME: PUSHPLATA UPADHYAY

    (WRO - 0504046) 8286787087

    CENTER: KIRTI COLLEGE DADAR (W)

    BATCH TIMING: 12:30 to 4:30

    BATCH COMMENCEMENT: 1st July 2013


    Definitions

    Data is any type of stored digital information.

    Security is about the protection of assets.

    Prevention: measures taken to protect your assets from being damaged.

    Detection: measures taken to allow you to detect when an asset has been damaged, how it was damaged and who damaged it.

    Reaction: measures that allow you to recover your assets.


    Definitions continued

    Confidentiality ensures that data is only read by the intended recipients.

    Integrity ensures that all of the data has not been corrupted from its original source.

    Availability guarantees that the data is usable upon demand.

    Accountability is audit information that is kept and protected so that security actions can be traced to the responsible party.


    DATA CENTER SECURITY: ALWAYS A MAIN CONCERN

    When it comes to what customers value, data center security tops the list.

    Of course power, cooling, connectivity and other features play important roles in evaluating data center performance as well.

    But any defects in physical security can have devastating effects.


    Security measures can be categorized into four layers:

    Perimeter security

    Facility controls

    Computer room controls

    Cabinet controls


    [Figure: The four layers of Data Center Physical Security: perimeter security, facility controls, computer room controls, cabinet controls]


    OPTIMUM PHYSICAL SECURITY: LAYERING IS THE KEY

    The most sound and strategic way to reach optimum physical security is to design and manage your data center in terms of layers.

    Layering creates depth in your physical protection structure.

    It helps ensure that the failure of one element in the system will not create a vulnerability in the whole system.

    The inner layers also help prevent malicious or even unintended data breaches from employees.


    WHY INNER LAYERS ARE IMPORTANT

    Even though the concept of physical security layering obviously makes unwanted entry originating from outside a data center facility more and more difficult, inner layers also help mitigate insider threats, which are often ignored. Consider the following survey.

    Even though the insider threat can be the most elusive, physical security within the inner layers of the company, such as computer room and cabinet controls, can help secure the heart of your data. Various technology and security assets can be positioned to:

    Track people

    Limit unauthorized employee access to high-priority areas

    Provide an audit trail of personnel access

    Integrate with video to provide a record of an attempted breach


    FIRST LAYER: PERIMETER SECURITY

    The primary goals of the first layer of data center protection, perimeter security:

    A perimeter fence equipped with sensors can serve as the first detection point for intrusion.

    The perimeter fence detection system can be integrated with:

    Intrusion alarms

    Limited access control points

    High-definition video surveillance

    Motion-activated security lighting

    Security personnel will then be able to pinpoint an intrusion and immediately access the network's security system.


    SECOND LAYER: FACILITY CONTROLS

    The goals of this secondary layer of protection are to further restrict access if a breach has occurred at the perimeter.

    Indoor surveillance for identification and monitoring, as well as multiple ID verification methods, are a must.

    By using visitor management and high-resolution video surveillance systems, facility controls measure, monitor, and restrict access to the building.


    Third Layer: Computer Room Controls

    The goals of the third layer of physical security are to further:

    Restrict access through multiple forms of verification

    Monitor all authorized access

    Have redundant power and communications

    There are three basic methods for verifying someone's identity:

    Possessing or carrying the correct key or token.

    Knowing predetermined private information, such as a password or personal identification number (PIN).

    Providing information that is inherent and unique to that individual, including the use of biometric devices to verify finger and thumb prints, irises or vascular patterns.


    Fourth Layer: Cabinet Controls

    The fourth layer is particularly important and effective in minimizing the significant and often-ignored insider threat discussed earlier.


    Types of Locking Hardware


    REFERENCES

    [1] Jessica Silver-Greenberg, New York Times, Business Day, "After a Data Breach, Visa Removes a Service Provider," 1 April 2012.

    [2] Cyber-Ark survey of 600 financial industry workers in New York and London via InformationWeek and Actimize surveys.


    Thank you!

    I very much appreciate your time and interest.