Sophisticated key management allows for a wide range of configuration and installation options
A variety of control and usage options are available for automated key management systems in data centres

The protection of networks and data centres is a growing concern given the recent spate of high profile security breaches, and it is forcing organisations into taking serious steps to improve protection. For many businesses, this means implementing a combination of passive and active security measures designed to deter, detect and react against threats. Included in these measures are multiple layers and types of safeguards, including physical measures, such as video surveillance or mantraps, and established policies and procedures that limit physical access, such as the use of key management and access control systems.

In particular, key systems are designed to securely hold keys and automatically track key usage. To access a stored key, the authorised user simply enters his or her personal identification code on the keypad and when the system verifies the user, the door will open and the location of the requested key will light up. Key control systems can also be configured with card readers or biometric readers and can be networked for centralised control. At any time, security operators can view the status of any key in the system; quickly and then ; determine who currently has which keys out and for what area and when they are scheduled to be returned; or determine who has had keys out, for what areas and when. Keys can be returned to any cabinet in the system, but if a key is not returned when scheduled, e-mail alerts and text messages can be sent to selected individuals to enable quick action.

These types of automated key management systems are ideal for use in a data centre facility because, in addition to the security they provide, they offer a variety of control and usage options. Following are a few scenarios that illustrate how implementation of these options can help ensure a more secure facility.

Specialised enrollment

This application entails enrollment of individuals based on their function. For example, an operations centre engineer can be authorised for 24/7 key access, whereas a technician may be restricted to accessing a particular key at certain times and for specific amounts of time. Similar access restrictions/permissions are easily programmed for personnel such as cleaning staff or security guards, who have reason to be on the premises but are not company employees. System administrators can quickly and easily terminate or revise individuals’ access in the event they leave their job or their shift is changed. Additionally, keys are securely attached to a fob, which prevents switching or duplicating keys.

Access control key systems

To address security concerns in high risk environments such as data centers, a Remote Box provides an additional layer of protection. The key control cabinet is installed in a secure room where it is protected from any potential vandalism or tampering, and the Remote Box is typically installed outside the secure room. Once an authorised employee inputs his PIN and other information into the Remote Box and it is validated, a second employee inside the secure room inputs her information as well, providing access to the key for which the first employee is authorised.

To address security concerns in high risk environments such as data centres, a Remote Box provides an additional layer of protection

The versatility of the key control systems also lends itself to more complex applications in larger data center environments, as when multiple pieces of identification are needed to move about the data centre. In this example, a general access badge would allow the employee entrance to the building and a second badge would be used to access internal areas of the data center facility. To maintain tight security, the internal access badge would be secured in a key cabinet when not in use by the authorised employee.

Custom tailored configurations

Sophisticated key management allows for a wide range of configuration and installation options, including other items found in a data centre to which access also needs to be controlled. These might include radios, cell phones, hand-held computers, specialised test equipment, etc. which are used by different personnel through the course of any given day and are expensive and represent potential security breaches if stolen or misplaced. Additional modules for the system such as lockers can hold and control access to these devices, complete with an audit trail to record when they are removed and by whom. And, as access control systems continue to proliferate, the access devices themselves, such as magnetic cards or proximity devices, need to be secured in the same way as physical keys do. More advanced systems also accommodate these devices with specifically designed modules that can be used in any combination with standard key or locker modules.

Given that so much of an organisation’s assets and information are online and accessible, organisations must take a proactive approach to defending against these attacks. Today’s key control systems deliver ample testament to the benefits of reducing security threats with a well implemented key management system

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

Author profile

In case you missed it

Which security technology is most misunderstood, and why?
Which security technology is most misunderstood, and why?

The general public gets much of its understanding of security industry technology from watching movies and TV. However, there is a gap between reality and the fantasy world. Understanding of security technologies may also be shaped by news coverage, including expression of extreme or even exaggerated concerns about privacy. The first step in addressing any challenge is greater awareness, so we asked this week’s Expert Panel Roundtable: Which security industry technology is most misunderstood by the general public and why?

Lessons Learned with Vanderbilt: How have you adapted to the COVID-19 pandemic?
Lessons Learned with Vanderbilt: How have you adapted to the COVID-19 pandemic?

With the postponement of tradeshows and events due to the effects of COVID-19, Vanderbilt and ComNet have taken their high quality, innovative solutions online, directly to their customer base. Through an Online Events and Training resource, you can stay connected with the brands’ top resources and products, as well as join upcoming product webinars hosted by their in-house experts. With a majority of the world currently working from home, businesses must respond to this changing landscape. As such, Vanderbilt and ComNet have turned to online resources to share new product demonstrations and other company news. One cornerstone of the ACRE brands approach was the launch of their Online Events and Training resource page. Ross Wilks, Head of Marketing Communications at Vanderbilt, credits this online resource as the anchor to their communicative success with customers at present. “Through weekly webinars delivered by our in-house experts, Vanderbilt and ComNet have embraced more virtual opportunities to continuously communicate to our customers regarding our latest and most relevant products,” he says. “To date, our webinars have covered a wide range of industry topics such as Why Physical Security and Cloud go together, and The most recent developments in card cloning and reader hacking. Attendance to these online events has proved popular and effective in keeping communication with our customer base open and engaging.” Each webinar ends with a Q&A section, as well as follow-up articles on the most asked questions, plus recordings of the webinars being made available to attendees. As such, the webinar approach has proven a receptive approach for Vanderbilt and ComNet. The Online Events and Training resource acts as a one-stop-shop for all virtual information. Overall, the page outlines the brands’ value-added resources for customers, including the ability to request a remote product demonstration, the availability of free online training, 24/7 access to the Vanderbilt webshop, plus the aforementioned weekly webinars. Vanderbilt and ComNet’s business mantra is built on a foundation of customer-focused core values such as empowerment, collaboration, and high performance and Wilks credits this mentality with their ability to keep information flowing to their base during the present pandemic. “The ACRE brands moved early to kick-start online webinars and ramp up awareness of their already existing online training and shopping options. Now more than ever, it is important to keep customers up to date on the latest offerings,” Wilks explains. “Our commitment has always been to make their customer’s security journey the best possible experience, and that is what this Online Events and Learning page primarily focuses on,” he concludes.

What’s new with video management systems (VMS)?
What’s new with video management systems (VMS)?

Video management systems (VMS) have been around almost since the advent of IP cameras. During those years, VMSs have evolved from software that provides basic functionality to more user-friendly systems offering a growing list of capabilities, many of them related to analysing data as well as recording and displaying video. But the evolution is far from over. We asked this week’s Expert Panel Roundtable: What’s new with video management systems (VMS), and what are the new opportunities?