|Contact company||Save||Send to a friend|
|ASSA ABLOY EMEA||Download Datasheet|
Who is accessing your company’s most sensitive data? Where? When? And if someone without authorisation did, how would you know?
Some of the world’s best-known companies have succumbed to data breaches that proved expensive in terms of both cost and reputation. The focus is usually on a digital attack. Passwords and anti-hacking procedures come under scrutiny, particularly in a world where so much of our information lives in the cloud.
However, there is another way that company data can fall into unauthorised hands: someone could walk right up to your server and access it physically, with equally disruptive results.
Shared data centres
The risks increase when companies use shared data centres, or ”colocation”, which has become an increasingly popular option. According to 451 Research KnowledgeBase, the global colocation market could grow from $23 billion in 2014 to $37 billion by 2017. All our “big data” has to go somewhere and shared data centres provide a cost-effective solution, even for information of the most sensitive kind.
Of course, data centres have stringent security procedures, but is it wise to fully entrust your valuable data -sensitive customer information- to a third party? Can you be certain that a third party’s security procedures meet your legal compliance commitments, to the European Data Protection Directive, the Sarbanes–Oxley Act, the PCI Data Security Standard and other personal and commercial data protection regulations?
Further, do you even know who you share server space with? It could be a direct competitor.
Disruption of physical security and potential breach as a result may not even be deliberate or malicious. Server rooms have a steady flow of authorised traffic: cleaners, maintenance staff, repair technicians and more. Unfortunately, accidents happen.
Data centre security management
For these reasons, data centre security management needs to be high on any company’s agenda, as high as cyber-security. In an interview with datacenterknowledge.com, Jason Cook, CTO of BT Americas, suggested: “Physical security is still one of the easiest ways to get access to data. With all of the sophistication in current technology, what’s the point, if someone can walk in and open the door?”
IBM estimates the average cost of a single data breach at $3.79 million. Fortunately, technologies that can help secure servers—even in colocation data centres—cost a lot less than that.
A high-security mechanical lock might seem like a solution, but a mechanical system can be expensive to run, due to the costs of secure key management and replacement when keys go missing. Once issued, there’s no way to change a physical key’s user rights. A mechanical-key audit trail- who had access to your servers, when, for how long- will probably not be enough to conduct a proper investigation in the event of any type of breach. Even high-security perimeter doors and CCTV-powered server room security will not suffice, if your server rack has an old-fashioned mechanical lock.
Server cabinet locks are the last line of defence against a physical breach, yet mechanical keys are still a common sight in data centres. This is becoming increasingly unsatisfactory, especially when that server could hold the key to your business success.
KS100 Server Cabinet Lock
One solution is ASSA ABLOY’s Aperio® KS100 Server Cabinet Lock. The KS100 adds real-time access control capabilities to a server cabinet, drawer or rack. It brings server racks into an existing third-party access control system, without breaking the bank. KS100 electronic locks work with smartcards using all standard RFID technologies, including iCLASS® from HID, Seos™, MIFARE® and DESFire.
Installation is quick and easy, with power via a Power over Ethernet (PoE) connection. Once installed, KS100 locks integrate with your access control system and communicate wirelessly through an Aperio® Communication Hub. With online integration, when any of your smart credentials is presented to the lock, access decisions are communicated from and recorded by the system wirelessly.
With Aperio®, lost cabinet keys no longer compromise server security: smart credentials are simply de-authorised and a valid replacement can be quickly re-issued. The current status of any lock can be revealed with the click of a mouse. Generating detailed audit trails is straightforward, making the KS100 invaluable for incident investigation. With Aperio® server cabinet locks, businesses have the freedom to manage access to their own equipment and data, even in colocation data centres.
Do you know exactly who last had access to your servers, and when? Install Aperio® and next time your data manager asks, the answer is yes.
For more on how Aperio® can secure a data centre, see www.assaabloy.co.uk/securedata.
|Tyco Security Products launches Kantech EntraPass 7.0 integrated with ASSA ABLOY Aperio Wireless Lock Technology|
The newest version of Kantech’s EntraPass Security Software includes ASSA ABLOY Aperio wireless lock integration and a robust partner...
|ASSA ABLOY CLIQ mechatronic locking system makes flexible access management easier|
CLIQ is a mechatronic locking system which combines high-end mechanical and electronic security in a broad range of key-operated cylinders...
|ASSA ABLOY Aperio wireless cylinders, escutcheons, locks and server solutions integration with AXIS A1001 network door controller|
The AXIS A1001 network door controller operates on a flexible platform, built to easily adapt as security needs at a site change. Now with seamless integration of...