7 Physical Security Tips for Your Cloud Data Center

7 Physical Security Tips for Your Cloud Data Center

November 26, 2024 0 By David
Object Storage

Most information technology (IT) professionals focus on cybersecurity, forgetting physical security is just as important. While it happens less often, it is no less damaging. Here are tips they should deploy in cloud data centers to address these threats.

1. Audit Integrity Within Supply Chains

Supply chain tampering can undermine the integrity of critical equipment. Although 91% of organizations think nation-state threat actors are inserting malicious hardware or firmware during production — and over 35% know of real-world instances of this happening — just 78% of IT decision-makers say they are increasing visibility into their supply chains.

Periodic, unannounced audits by independent third parties are essential for stopping in-person tampering within supply networks. Since insider threats may be at work, vendors should be unaware of when and how these evaluations will happen. After all, if even just one laptop or server is compromised, bad actors gain easy entry.

2. Leverage Physical Access Controls

Physical access controls can be virtual codes on smartphones, radio-frequency identification (RFID) chips in lanyards, internet-connected smart locks or biometrics-enabled scanners. If given a choice, IT leaders should opt for solutions that cannot be replicated, shared or stolen. Facial scans are one example.

Unlike traditional access control systems that consist of keypads and personal identification number codes, modern solutions can be activated via proximity, tap or touchless scans. They are significantly more secure than a conventional lock-and-key setup because no one can easily share, lose or make copies of keys.

3. Utilize Extensive Video Surveillance

In 2023, around three in 10 chief information security officers dubbed insider threats one of the top security threats. These bad actors can access confidential files and enter sensitive areas without raising suspicion. Video surveillance cameras pointed at entrances, critical equipment, storage spaces and employee areas can help catch them.

4. Set Up Perimeter Protection Measures

The larger an area is, the more likely infiltration will go unnoticed. This is why companies need perimeter protection measures, which include fences, signage, lighting and alarms. These solutions act as the first line of defense for cloud data centers — especially hyperscale facilities. Deterrents help keep all but the most determined thieves and threats out.

5. Regularly Verify Employees’ Identities

Following the principle of least privilege, IT professionals should regularly reverify employees’ identities. Cloud data centers are large — even receptionists and security guards won’t know the faces of everyone who works there. If someone’s access code or RFID-enabled lanyard is lost or stolen and they don’t report it, a bad actor could impersonate them.

In-person biometrics verification can help. It can enable continuous verification at entrances or before employees access sensitive areas. If someone’s face, iris or fingerprint scan doesn’t match those of the identity they are attempting to use to enter, security teams can detain and question them.

6. Deploy a Private Security Team

A private security force may not have the same authority as the police, but companies don’t need to wait for them to arrive at the scene of a crime in progress. They can also alert decision-makers to threats, patrol the data center’s perimeter, kick out unwanted guests and escort individuals with temporary access.

While the legality of a citizen’s arrest varies from state to state, a private security guard should generally be able to temporarily detain someone if they’ve just committed petty theft or a felony. This gives police enough time to respond or issue a legal warrant, ensuring trespassers and malicious insiders are stopped before doing damage.

7. Use Autonomous Threat Detection

An autonomous threat detection system can identify potential security threats. For example, it could flag someone entering a sensitive area after hours. An advanced algorithm could coordinate incident response, enabling real-time, around-the-clock intervention. In addition to operating on-site, it could have broad visibility into all critical infrastructure.

United States-based hyperscalers are investing heavily in undersea cable infrastructure. They poured approximately $20 billion into 20 to 30 new cables in recent years to reduce latency and expand their technical capabilities. As the privately funded model’s popularity grows, the threat of faraway physical tampering becomes more troubling.

Deploying a threat detection tool is imperative because experts are becoming increasingly nervous about nation-state threat actors targeting critical cloud infrastructure. Germany’s defense minister alleges Russia has severed subsea fiber cables in the Baltic Sea. This is concerning because these cables are responsible for nearly all intercontinental data traffic.

Physically Secure the Cloud Data Center

Whether decision-makers adopt the latest video surveillance systems or simply put up a tall chain-link fence, they keep out intruders, thieves and malicious competitors. Of course, managing insider threats and nation-state threat actors will require more effort. However, stopping them from tampering with equipment or stealing data is also relatively straightforward.

##

ABOUT THE AUTHOR

Zac Amos photo

Zac writes for ReHack as the Features Editor and covers cybersecurity, IT, and business tech. His work has been featured on publications like AllBusiness, CyberTalk, and BLR. For more of his writing, follow him on Twitter or LinkedIn.