data on green background

Physically protecting data, the world’s most valuable resource

Data is the oil of the digital era[1], rising to the top spot of the World’s most valuable resources list over recent years. In this digital age, enterprises of all sizes and sectors rely on data centres – either offsite at purpose-built facilities or onsite within their own premises – to store large amounts of networked computers, confidential information and other critical IT assets. This reliance on data centres makes them a highly desirable target for criminals and terrorists wanting to cause widespread disruption, so IT security managers have a huge responsibility to keep these facilities, and the assets they house, secure.

It’s an unfortunate reality of today’s digital world that cybercrime continues to proliferate, with incidents of data breaches and theft increasing worldwide. But, in the rush to secure networks, servers and endpoint devices, many organisations overlook the risks hidden in the physical infrastructure necessary to keep data centres operating securely.

Physical entry to a data centre should be strictly controlled with procedures in place to monitor and manage pedestrian access both into and within the data centre. In this environment, entrance control has two key aims, and our Fastlane and Door Detective products can satisfy both:

  1. Prevent unauthorised people from entering the facility beyond reception, or other restricted access areas within the facility
  2. In the event of an intruder gaining access, quickly detect this and identify the suspect so that the correct response can be deployed

 

Capable of integrating with every known access control system, our Fastlane range exists to enforce your building entry procedures and ensure each person entering a facility is identified. Whether you wish to issue authorised personnel with key cards or verify their identity using biometrics, the intelligent technology within a Fastlane unit which decides to allow entry – or deny it – makes thousands of calculations per second based on luggage being carried or pulled, tailgating, unauthorised passages and much more, and is capable of processing up to 60 authorised people per minute.

Fastlane Connect FastCam programme on screenIn the event of an unauthorised access attempt being made, or an irregular flow of traffic being detected, an alarm will sound to alert security staff. If integrated with a CCTV system or our FastCam app, images of the breach and the suspected intruder will be captured and can be quickly reviewed to identify the people involved. The individual causing the alarm can be recognised as friend – who perhaps forgot their key card that day and saw no harm in tailgating a fellow employee through the gate – or potential foe, at which point the appropriate response can be deployed before they penetrate too far into the building.

Your people might be your biggest threat

Tailgating is the act of following someone through an open door unauthorised and is a widely accepted security threat. The follower is the one at fault, even if there is no intent to deceive or cause harm and the person being followed may not even be aware of the act. In contrast, collusion is when individuals purposefully act to let someone in through a secured point who otherwise wouldn’t gain access. With collusion, the one with the key card is at fault as the intention is to bypass the security system to allow unauthorised access. You need to be able to detect any occurrence of these kinds of unauthorised access events and deal with them appropriately. You can read more about the differences between tailgating and collusion here.

blurred image of tailgatingThe threat that arises through collusion by staff should not be underestimated, whether this be intentional or just an employee ‘being kind’ by letting someone they believe is harmless through a controlled access point because they “forgot their key card.”

Known for coining the term ‘social engineering’ – which means using “influence and persuasion to deceive people by convincing them that the social engineer is someone he isn’t[2] – and formerly on the FBI’s Most Wanted list for hacking, Kevin Mitnick believes that people are the greatest risk to security. He commented: “If an attacker wants to break into a system, the most effective approach is to try to exploit the weakest link—not operating systems, firewalls or encryption algorithms—but people.”[3]

A person with malicious intent and ‘social engineering’ skills can cause great damage by gaining unauthorised physical access to a data centre facility, even if they have limited technical ability, making it a very tempting attack strategy. To help mitigate this threat, all staff should be regularly trained on how to spot possible cases of ‘social engineering’ and how to strictly follow and enforce the physical security policy, so they aren’t tempted to unwittingly collude with an intruder claiming they forgot their key card!

Add an extra layer of detection in higher security areas

Having a bank of security turnstiles at the front door will prevent unknown individuals from entering the building beyond reception, but this won’t prevent authorised individuals within your organisation – or approved external contractors such as service engineers or cleaners – from being able to access more sensitive areas of the facility. No matter how rigorous your background checks, can you ever be sure that your employees won’t pose a threat?

Alongside Glassgate 150s, one of the leading social media providers has been installing our Door Detective Compacts at their sites across EMEA to protect the data they house. Like this data giant, you will likely need to apply additional levels of security on certain interior doors within the building, to perhaps the server room or other more at-risk areas where you need to restrict access to just a few personnel. The Fastlane Door Detective range reinforces access control systems and provides an extra layer of security and detection by monitoring the throughput of internal access-controlled doorways, corridors and passageways and ensuring that the ‘one person one door access’ rule is met.

Fastlane Door Detective Plus door entry system entrance control securityUsing multiple infrared beams from enclosures mounted near the door frames, Door Detective accurately monitors movement in both directions each time a person presents their credentials to pass through the doorway. Alarms sound to identify access control violations to alert staff and, when integrated with Fastlane FastCount, real time building population data can be viewed so you can see how many people are in areas of the building at any given moment. You can even integrate Door Detective with other access control systems, for example facial recognition technology, with authorised users having to pass multiple verification checks before being granted access.

Easy to use, this additional level of security and detection helps to prevent both unauthorised entrants and tailgating, providing data centre management and their customers with the reassurance that only authorised visits are being made to designated areas of a facility, and their data will not be compromised.

If your organisation is currently underestimating the physical risks to your data, get in touch with our team on +44 (0)20 8890 5550 or email info@fastlane-turnstiles.com to find out how our range of entrance control products can help to protect your most valuable resource.

In other news:

 

[1] https://www.economist.com/leaders/2017/05/06/the-worlds-most-valuable-resource-is-no-longer-oil-but-data accessed 09.08.18

[2] The Art of Deception: Controlling the Human Element of Security, by William L. Simon and Kevin D. Mitnick

[3] https://afcom.com/Public/Resource_Center/Articles/Kevin_Mitnick_People_Not_Technology_Weakest_Security_Link.aspx accessed 13.08.18