In the world of data centers, security is the most important infrastructural element outside the server cabinets and hard drives themselves. Access control is the one thing separating vast amounts of valuable data from the wrong hands. Therefore, these organizations should be sure to practice the most cutting edge security techniques available in order to foil any would-be thieves.
According to a report from Cisco, there are three basic methods of access control: pass codes or PINs, cards or key fobs, and biometric security. A combination of all three is ideal, but the latter is essential. The first two alone offer too much uncertainty and room for theft, misplacement or malfunction.
The information in your head
This first security measure Cisco outlined is made up of the information employees have in their heads – in other words, pass codes, ID numbers and other phrases or numbers. In theory, the system is reliable – only the trusted staff with security clearance know the combination to the door or pass code for the network, thus restricting entry to a precious few. However, problems abound with this technique, as evidenced by the recent onslaught of cyber attacks.
Passwords can be guessed, forced – even stumbled upon. Employees that write down a security phrase on a piece of paper risk losing that information and unwittingly divulging it to anyone who finds it. Plus, if a PIN has been compromised, it is rarely discovered immediately. Only when managers recognize missing information or strange access behavior is the infiltration detected.
The items in your pocket
A Plus ID outlined a number of these devices – ID cards and key fobs that use various reading methods like magnetic strips, infrared readers or battery-powered signals. Unlike pass codes, any intruder would need the actual device in order to obtain access. This aspect might make card readers seem like a one-stop method of data center protection, but there are still a set of issues that come with key cards.
Like any other key, these items – usually similar to either a credit card or a key chain – can be lost, stolen or damaged. In such cases, the owner will be left without access while anyone who happens upon the device will suddenly be given clearance. Additionally, these devices are at the whim of a corresponding reader. If the internal network is offline, the cards will be ineffective. Plus, magnetic strips can easily be wiped, while battery-powered key fobs can run out of power, rendering them useless.
The prints on your fingers
While the first two methods have some benefits, they pale in comparison with the efficacy of biometric technology. This security platform relies upon an individual's physical characteristics, which are virtually impossible to lose, forget or have stolen. Data centers can use a fingerprint reader to identify and allow access to registered staff. Plus, if a data center's network goes offline, the best biometrics systems will remain effective..
Unfortunately, many employees are the root cause of security breaches – some by accident, some by malicious intent. While pass codes and key cards do nothing to address this issue, some cutting edge biometric platforms do. The best security system on the market require two separate biometric identifications simultaneously. In this way, even if one employee has ideas about stealing information, he or she would need an accomplice with a similar level of clearance. This technique vastly reduces the possibility for data to be stolen.
As mentioned earlier, a combination of the three systems is the ideal approach, but biometrics is the key ingredient.