Data centres are a challenging domain, the success of which depends on security of client data. Most data centres store data for more than one organisation. It is very crucial for the data centres to prevent any unauthorised access of data.

Matrix offers a solution whereby data racks are secured biometrically, with records of every access along with its duration. Only authorised person can access specific racks for the stipulated time using biometric verification.

The solution is available in two forms. Time- and user-based rack access with a single biometric device.

Time-based rack access

This form of access control proceeds in the following manner.Once the user completes authentication, he will be able to select the racks to be accessed from a list of accessible racks

Data centre authentication: User shows biometric credentials to access the data centre

Data centre access allowed: Once user is allowed access, he/she will move towards rack access authentication.

Rack authentication: User will click on the screen and authenticate his/her identity through a biometric device placed alongside the screen.

Rack selection: Once user completes the authentication process for gaining access to respective racks, he will be able to select the racks to be accessed from a list of accessible racks.

Rack access allowed: Finally, the user will perform his assigned task within the defined time period.

Centralised biometric authentication

Biometrics provides high-end security over RFID, and hence integrating biometrics with access control solution fetches complete security for data centres. Usually, an employee is required to punch twice in order to access the data rack of his/her organisation.

First Punch: A biometric device will be installed at the entrance of the data centre. A user will punch on the device and accordingly he/she will be granted/denied access. This authentication ensures that an authorised user is trying to access the data centre.

Second Punch: Once user is granted access, he/she will punch again at the device installed near the screen in order to access the respective racks. Once user punches, the screen will display the list of racks that he/she is allowed to access. For example – when ‘X’ employee of ‘ABC Organisation’ punches the second time, the screen will display a list of ABC Organisation racks that are allotted to him. The user then needs to select the racks that he wants to access and accordingly he/she will be granted access.Every rack that is allocated to a company can only be accessed for a definite period of time

Pre-defined rack access

Every company has designated racks allotted to them. The admin can define the racks company-wise, which means whenever a user makes his second punch – a list with racks allotted to his/her respective company will be displayed on the screen.

This feature acts as a USP for data centres as they can ensure that a rack of company ‘X’ will not be accessible to or misused by an employee of company ‘Y’.

Every rack that is allocated to a company can only be accessed for a definite period of time. The admin can set the duration and accordingly users can access their respective racks for the stipulated time period.

User-based rack access

The process of user-based access control proceeds as follows:

  • Data centre authentication: User shows biometric credentials to access the data centre
  • Data centre access allowed: Once user is allowed access, he/she will move towards rack access authentication.
  • Rack authentication: User will show biometric credentials to access the rack.

Centralised authentication and control

User-based access differs from time-based access in this following manner.If the user is authenticated he/she will be allowed to work in the rack for a pre-defined period of time and once finished

First punch with two level authentication: A biometric device will be installed at the entrance of data centre. User will show card or enter the pin code and then biometric credentials on the device and accordingly he/she will be granted/denied access. This authentication ensures that an authorised user is trying to access the data centre. Two-level authentication improves the security level.

Second punch: User will move to the rack and show his/her biometric credential on the device installed at the rack. If the user is authenticated he/she will be allowed to work in the rack for a pre-defined period of time and once finished, the device will close the door automatically.

Admin can define the racks company-wise, which means whenever a user makes his second punch – a list of ABC Organisation racks that are allotted to him will be displayed on the screen.

This feature acts as USP for data centres as they can ensure that a rack of company 'X' will not be accessible to or misused by employee of company 'Y'.Through Matrix's Access Control slution, data centres can manage each and every company’s rack virtually along with enhancing the security

Integration with video surveillance

Matrix Access Control solution for data centres can be integrated with video surveillance solutions. Hence, when a user tries to access the data centre through the biometric device, an image gets captured. In case of unauthorised access, having an image can prove helpful for data centres.

As for time-based rack access, every rack is accessible for a definite period of time, and the admin can set the duration.

Data centres have data of more than one organisation stored in a single location. Managing the data racks is a cumbersome process for data centres. Through this solution, data centres can manage each and every company’s rack virtually along with enhancing the security.

Benefits of user-based access control

The solution provides reports in the form of:

  • ‘Which’ rack is accessed by ‘whom’, ‘when’ and for ‘what’ time-duration
  • Records related to rack accessibility, time duration, etc.
  • Alarm for a rack held open for too long, access denied events, etc.

From the data centre point of view, this system offers the following advantages:

  • Easy maintenance of diverse data
  • Accurate record of access allowed/denied in the software
  • No manual security required
  • Easy data rack management of various companies in a single location

In addition, from the company point of view, it is beneficial in the following ways:

  • Complete security of company data
  • Accurate records of who accessed data at what time

Target user profile:

  • Data centres
  • Server-based companies
Download PDF version

In case you missed it

Security Essen 2018 promises modernised trade show experience for attendees
Security Essen 2018 promises modernised trade show experience for attendees

Newly modernised halls with lots of daylight will house hundreds of exhibitions and conference events at the upcoming Security Essen 2018 at Messe Essen, Germany. A new layout and hall numbering system will be unfamiliar to past attendees but promises to simplify the experience as it brings together attendees and exhibitors. European physical security market Security Essen is an international trade fair, but the emphasis is more on German, Austrian and Swiss companies. In all, Security Essen will feature 1,000 exhibitors from 40 nations. The trade fair has more of a continental European “flavour” compared to IFSEC, which focuses more on the U.K market. At the last Security Essen in 2016, organisers reported about 40,000 visitors including conference participants, VIP guests, members of various delegations and journalists. Security Essen 2018 has more of a continental European “flavour” compared to IFSEC, which focuses more on the U.K market  “This year, we have sharpened the profile of Security Essen,” says Oliver P. Kuhrt, CEO of Messe Essen, a trade fair, congress and event organiser with its own exhibition grounds. “The trade fair has become considerably more digital, more modern and more interactive. Due to the optimised hall layout, we are offering our exhibitors and visitors the best possible experience with short paths and direct communication.” Newly modernised Messe Essen The newly modernised site of Security Essen will encompass eight halls, newly renumbered and with the subject areas reorganised, too. Visitors will find Services in Hall 1; Access, Mechanatronics, Mechanics and Systems in Halls 2 and 3 and the Galeria; Perimeter Protection in Hall 3; Video in Halls 5 and 7; and Fire, Intrusion and Systems in Halls 6 and 7. A helpful smart phone app, downloadable free from the Google Play Store (Android) or the Apple App Store (iOS), will be available two weeks before the event and include a show floor plan; the exhibitor list with booth numbers and contact information; and an overview of the supporting programme. A separate hall – Hall 8 – will house new Cyber Security and Economic Security categories. Cyber Security Conference At the new Cyber Security Conference, located prominently at the new East Entrance, experts will share their knowledge about the more pressing challenges and potential of cybersecurity. The programme opens and closes on 25 and 28 September with the main topic “Opportunities and Risks of Cyber Security”. On 26 September, discussions and lectures will centre on “Entry, Admission, Access: Identification Options”.A helpful smart phone app, downloadable free will be available two weeks before the event and include a show floor plan On 27 September, the topic will be smart homes and focus on “Connected Building, Security in the Buildings of the Future”. Speakers will include the president of Germany’s Federal Office for Information Security, who will address cybersecurity as a challenge for politics, business and society. The fair organises the conference in cooperation with the BHE Federal Association of Security Technology and the technical support of the Federal Office for Information Security. In Hall 8, a new Public Security Forum will enable visitors to experience digital security technologies for public spaces from the areas of sensors/IoT, cyber security and surveillance. The products and solutions will be installed in four different building scenarios (town hall, school, hospital and library) and it will be possible to test them extensively. The forum, including lectures and discussions, will target municipal decision makers and planners of public spaces. Comprehensive programme A Security Expert Forum in Hall 2 will present a continuous programme with more than 90 presentations during the period of the fair. Visitors will obtain information and solution ideas about all six subject areas covered at the fair, and the programme will begin with a keynote lecture each morning and finish with a live demonstration in the evening. On the first day of the fair (25 September), Security Essen’s Career Forum will introduce retrainees, students, trainees and graduates to companies from the security industry. Targeted and professional communication will be established between companies and job applicants to facilitate making contacts, developing networks, and filling actual vacancies. Thursday (27 September) will be observed as Fire Prevention Day, and a Drone Course will be provided each day in Hall 7. One day admission to Security Essen is €41; a four-day ticket is €105. Advance sale tickets are discounted.

Steps to develop an integrated retail security strategy
Steps to develop an integrated retail security strategy

There are many aspects to consider when developing a retail security strategy, including loss prevention, physical security, asset protection, risk management, and IT. All these areas could be the responsibility of just a few people working to secure a handful of stores or each of these areas could be entirely separate departments, as is often the case for major retailers with locations throughout the country. Regardless of the size of the retailer, there are many different technologies that can be used within a retail store to improve security and loss prevention, yet none should be used in a silo. There are tremendous benefits to integrating security technologies and communications systems together, including enhancing overall safety and security, reducing shrink, and improving operations. There are many different technologies that can be used within a retail store to improve security and loss prevention As the existing security infrastructure is evaluated and plans for the future are developed, the team responsible should consider some of the following questions. Are there areas of the store that require greater security? Are there notifications or other technologies that could improve the efficiency of personnel and the safety of shoppers? Are there other departments within the organisation that could benefit from the data gathered by the security technology? Understanding current pain points within the stores and how integrated security solutions can address these is the key to implementing the best solution. Here are a few “hot spots” within a typical retail store that easily demonstrate the power of integrated solutions. Point of sale terminals Whether it’s loss through sweet hearting or other fraud, point of sale terminals present a significant shrink risk for retailers. Integrated systems enhance security at these locations. Video recording of HD or megapixel cameras integrated with point of sale data makes it easy to locate video associated with transactions and exception reporting. This allows for visual verification of each transaction when needed.There are tremendous benefits to integrating security technologies and communications systems together Other risks like robbery not only result in loss, but also impact the safety of employees and shoppers alike. Panic buttons or bill trap sensors connected to the intrusion detection system ensure silent alarms are issued when employees are at risk. When the intrusion detection system is integrated with the video system, pressing a panic button or pulling the bill from the sensor can automatically trigger a video snapshot to be sent to the monitoring station to provide verification of the alarm and more information for law enforcement when they are dispatched. Adding audio integration to the intrusion system can also result in a message sent to the store security personnel’s two-way radio when a panic button is pushed, or a bill trap sensor is activated. If no security guard is onsite, video monitoring services can allow the monitoring centre to intervene through audio, alerting the perpetrator that his or her actions are being monitored and that the authorities have been contacted. This may cause the offender to flee the area, helping to mitigate the safety risk as well as the potential for loss. Panic buttons or bill trap sensors connected to the intrusion detection system ensure silent alarms are issued when employees are at risk High value displays Protect high-value or frequently-stolen items such as electronics, using video analytics integrated with audio communication Protect high-value or frequently-stolen items such as electronics, using video analytics integrated with audio communications. For example, a person standing at a display for longer than a pre-defined time or touching items on display can trigger a video snapshot to be sent to the store manager and an audio message to play through a nearby loudspeaker, such as: “Thank you for your interest in our smartphone selection; an associate will be there soon to assist you.” This not only alerts potential offenders that their actions are being watched, it also serves to improve customer service for legitimate shoppers – as a retail floor associate is notified that a customer may need assistance. Cash office An access control reader at the door to the cash office restricts access to only authorised individuals. Integrating video can automatically capture an image of the person requesting access for verifying an employee’s identification prior to granting access or for retrospective analysis in the event of a theft. Exit doors If an employee props open a back door – either for easy re-entry after a break or to allow access to another person with intentions of theft – integration of the intrusion detection system to the video and audio system can significantly reduce risk of loss. For example, the intrusion detection system can monitor doors for abnormal conditions, even when the system is disarmed.Loss can also occur when a cooler or freezer malfunctions or when the door is accidentally left open A door left open for longer than a pre-defined time can cause an alarm on the intrusion panel, which can trigger a nearby camera to send a snapshot of the open door to the store manager and trigger the public address system to play a pre-recorded message through a nearby speaker. This prompts the employee to close the door, reducing risk of theft. Coolers and freezers Loss isn’t just about theft. Loss can also occur when a cooler or freezer malfunctions or when the door of one of these units is accidentally left open. The same concept for monitoring exit doors can also apply to doors for coolers and freezers to prevent spoilage. A cooler or freezer door monitored by the intrusion detection system can trigger an alert or chime to play in the area to remind an employee to close the door or to alert the store manager to the issue. While providing surveillance of the cash register area, the camera's video analytics can be used to trigger an alert in case the queue exceeds the pre-defined threshold Serving a dual purpose Retailers can use the metadata from the cameras to gather business statistics like counts of people entering the store While the technology solutions described above positively impact loss prevention in a retail store, they can also extend beyond security to improve health and safety and enhance customer service as well as customer engagement and sales. For example, while securing a store’s main entrance with IP cameras featuring on-board video analytics, retailers can use the metadata from the cameras to gather business statistics like counts of people entering the store. This data can help them understand peak days and times when making decisions about staffing. Or while providing surveillance of the cash register area, the camera's video analytics can also be used to trigger an alert in case the number of people in a queue exceeds the pre-defined threshold. At this point, the same public address system and loudspeakers used to play background music to enhance the shopping experience could be activated to broadcast a message to request another cash register to be opened, improving store operations. For security and loss prevention purposes, video analytics can also be used to ensure that no one enters or leaves the retail shop using the emergency exit. To address health and safety issues, these same cameras can also trigger an alarm if that emergency exit is blocked by an object – improving the safety of customers and employees. When systems are used to deliver data for purposes beyond security, other departments may be willing to contribute toward the cost Metadata generated by the cameras can also be used to gather information that when processed with sophisticated algorithms in the cloud can show trajectories of the paths that shoppers take as they travel throughout a store as well as heat maps indicating where they walk, stop and dwell – all while protecting the privacy of individual shoppers. This information can be used by merchandisers to evaluate the success of displays and store layouts, which directly impacts customer engagement and sales. When systems are used for and deliver data for purposes beyond security, other departments may be willing to contribute toward the cost of the system. This provides an added benefit by relieving some of the cost burden from security or other operational budgets. Product selection Integration is becoming easier using standards and expanding industry partnerships. However, in some cases, choosing systems from a single vendor that are designed to work together can help to speed and simplify installation, while also reducing system costs for both the integrator and the user. Regardless of the products chosen, it will be important for a retailer with many locations to have consistency in the type of equipment installed at each site. This makes support easier and enables a more uniform response to incidents that happen at various stores. As many retailers already understand, there is no silver bullet to reducing loss. However, a combination of the right technologies working together to prevent shrink and improve investigative capabilities can result in smarter and more effective loss prevention.

GSX 2018 continues 63-year tradition as an integrated trade show
GSX 2018 continues 63-year tradition as an integrated trade show

GSX 2018 is both a new event for the security industry and the continuation of a 63-year tradition. Global Security Exchange (GSX) is the new branding for ASIS International’s annual seminar and exhibits, which have been held since 1955. In recent years, the ASIS event has joined forces with other organisations to expand its scope and to appeal to a broader audience. Partners include ISSA (Information Systems Security Association) and Infragard, a public-private partnership between U.S. businesses and the Federal Bureau of Investigation (FBI). The expansion is continuing this year with the addition of 30 supporting organisations representing industry verticals and reflecting ASIS’s intent to unite the full spectrum of security. Improving the state of cyber security Held September 23-27 at the Las Vegas convention Center, GSX 2018 seeks to attract more than 20,000 operational and cyber security professionals and 550 exhibitors. The Cyber Security Summit will co-locate with GSX, offering cyber security programming at a time when it is needed the most Other elements will further expand the 2018 event’s scope. The Cyber Security Summit will co-locate with GSX, offering cyber security programming at a time when it is needed the most. Top government, industry and academic thought leaders will engage in a dialogue to improve the state of cyber security. The 2018 Security Cares Program will address school violence prevention and response in a free education program. Topics will include pre-violence indicators, target hardening, and best practices to involve the entire community of school administrators, law enforcement, security professionals and mental health providers. Experts to deliver keynote speeches Keynote speakers including CNN host Fareed Zakaria will bestow celebrity appeal. Air Force Major General Bradley D. Spacy will share details about the new AFWERX innovation and tech hub in Las Vegas and how the U.S. Air Force is collaborating with the private sector to bring new security product ideas to market. Spacy’s keynote on Sept. 26 will kick off Military and Law Enforcement Appreciation Day. Also, K.T. McFarland, former Trump Administration Deputy National Security Advisor, will share an insider’s perspective on critical foreign policy and defence industries. Attendees to ASIS International’s annual gathering typically list networking and education as big benefits of the event. Historically, the trade show aspect has existed separately from the educational program, and foot traffic to the exhibits has sometimes suffered from the competition. Beginning last year, and continuing in 2018, ASIS International has pursued innovative approaches to integrate the trade show more closely into the overall attendee experience. “The integration of programming and exhibits is truly seamless,” says one observer of the new approach. Held Sept. 23-27 at the Las Vegas convention Center, GSX 2018 seeks to attract more than 20,000 operational and cyber security professionals and 550 exhibitors X Learning Theatres GSX has sought to transform the exhibit hall into a ‘learning lab environment’ that features thousands of security products, technologies and service solutions (provided by the exhibitors), in addition to ‘immersive learning opportunities to connect the current and emerging threat landscape with solutions available in the marketplace’. There are several ‘X Learning Theatres’, including one (‘X-Stage’) focussed on leading-edge technologies such as blockchain, cryptocurrencies, AI, drones, and robotics. There is also an ‘Xcelerated Exchange Stage’ to facilitate discussions among security practitioners and solution providers. The ‘Xperience Stage’ showcases case studies and best practices. Also attracting more attendees to the Exhibit Hall will be ‘Career HQ’, a free career fair and enhanced career centre. ‘D3 Xperience’ (Drones, Droids Defence) will focus on unmanned systems with education and demos. The ‘Innovative Product Awards (IPAs) Showcase’ will highlight winners of an awards program. Focussing on security practices GSX is not as much about sales leads as about making connections and contributing to a larger conversation about how to protect people, facilities and assets ASIS International (now GSX 2018) is often compared to ISC West, the U.S. industry’s largest show held in Las Vegas in the spring. GSX 2018 this year may face even more scrutiny based on the changes, rebranding, and location (also in Las Vegas). However, GSX is a completely different show than ISC West, which focuses on the business of security. In contrast, GSX is much more about the practice of security than business. The international network of ASIS International members attend the yearly conference to make new connections, to learn and to benefit from the experiences of other security professionals around the world. The successful trade show exhibitors are the ones that approach the show with that understanding. GSX is not as much about sales leads as about making connections and contributing to a larger conversation about how to protect people, facilities and assets. ASIS International deserves credit for their efforts to integrate the trade show element into the larger goal of the event. Hopefully their new approach will enhance the overall experience for both attendees and exhibitors – and help to make the world a safer place as a consequence.