The Importance of Security and Physical Protection in Colocation Hosting Facilities

Colocating your server to a data centre has a lot of advantages. But, it comes with one new concern, physical security. The server is not your property when you are on a shared or VPS server. So, virtual security is your only security concern. 

When you use a colocation facility, the server hardware is your property. You try your best to find the data centre that provides the best physical security. Protection is needed from not only thefts but also natural disasters. Data centres must have strict procedures to keep unauthorised persons far from the server. 

This article explains the importance of physical security in colocation hosting facilities.  

What is Physical Security?

A software-level firewall cannot do anything if an attacker steals your storage media. So, physical security is as important as cyber security. But what counts as physical security would be a good question to ask. 

It includes protection of people, property, and physical assets from actions and events that could cause damage or loss. The advancements in AI and IoT have made physical security and monitoring easier. In other words, physical security and technology have never been more connected. Physical and virtual security teams can now work together to ensure most protection.  

Importance of Physical Security

Physical security is about protecting your facilities, people, and assets from real-world threats. For example, colocation providers have to ensure theft protection for your server. It includes physical deterrence, detection of intruders, and response to those threats.

Security often means restricting unauthorised people from accessing the assets. They could be external actors or potential insider threats. You may want to keep the public out of HQ. On-site third parties should not be at sensitive work or mission-critical areas like the server room.

Also, there are always threats of physical attacks. For example, someone could break into the data centre and enter the restricted areas. Besides, someone could use the terminals they are not supposed to use. 

Once inside, attackers can do anything to destroy the colocation company. They can steal critical information via USB and upload malware. They can damage servers or storage media and access essential terminals for mission-critical applications. 

There should be strict controls to protect from external threats. Proper internal measures to prevent internal attackers are also necessary. This internal system should be efficient enough to flag unusual behaviour.

Companies keep all the attention at the front doors. It is a general practice. All surveillance cameras, badge access, and security guards are at the front door. David Kennedy, CEO of penetration testing firm TrustedSec discourages this behaviour. He maintains that the entire building is the point of physical security.

That results in leaving many other sensitive areas unattended. It includes smoking areas, on-site gym entrances, and even loading bays. David Kennedy advises not to leave them unguarded, insecure, and unmonitored. 

The cost of cyber-attacks is high, but the physical attacks are equally terrible. One example is a Chicago site that was robbed four times in two years. 

Physical Security Standards of Data Center

Location

The physical security of any data centre starts with location. A lot of factors can make any location inconvenient for data centres. Some of these are:

  • Flooding Risk
  • Geological Activity at Regional Level
  • High-risk Industries In the Area
  • Risks of Force Majeure

It is better to choose a location where these risks are minimal. If you cannot find such a location, you can prevent using barriers or extra redundancies in the physical design. 

Buildings, Structures, and Data Center Support Systems 

Structural design that works beneath data centres should also be security-optimised. It should reduce access control risks. Every little thing matters. Fencing around the perimeter and thickness matter. The number of entrances in the building and the material of the building's walls also play their role. 

Here are some other important factors:

  • There should be server cabinets filled with a lock.
  • It is a good security practice to have many suppliers for telecom and electricity for one building.  
  • UPS, generators, or any power backup systems are critical. 
  • Using mantraps is also an ideal practice. It is an airlock between two doors. Both doors need mantraps. 
  • You may expand in the future within similar boundaries. Take this factor into account. 

Physical Access Control

It is crucial to control the movement of visitors and staff around the data centre. Two things can help you a lot if a breach happens in the future. The first is having biometric scanners on all doors. Second is the log of who had access to what and when. 

Also, ensure that only people exiting the building can access fire escapes and evacuation routes. Prevent re-entry by having no outdoor handles. If someone opens any safety door, it should sound an alarm. 

Also, there should be mechanisms to avoid vehicular attacks. Every vehicle entry point should use reinforced bollards. 

All Endpoints Should Be Secure

Every device is an endpoint. The server is an endpoint. The tablet is also an endpoint. Laptops connected to a data centre network are also endpoints. Even the smartphone is an endpoint when it is connected to the network. 

Data centres must ensure their clients are serious about cybersecurity. One weak server can put all other servers at risk. Attackers are always trying to find one unsafe endpoint to get access to the network. 

Customers also demand remote access to the power distribution unit. It allows them to reboot their servers. Security becomes critical in such cases. Colocation providers must do their best to secure all endpoints. 

Video & Entry Logs

Keep all logs, including video logs, in a file for at least 90 days. Sometimes we identify breaches late, but at least we identify the vulnerable systems and entry points.

Document Security Procedures

It is essential to have well-defined and documented procedures. Even regular delivery should be planned carefully. You should not leave anything open for interpretation.

Run Regular Security Audits

The term audit covers many things, from daily security check ups to physical walkthroughs. Then, there are quarterly PCI and SOC audits. Finally, you should conduct physical audits. They will confirm that the reported data matches the actual conditions.

Most Vulnerable Points of a Data Center

Data centre size depends on the size of the organisation and its data usage patterns. The following are some of the weakest areas. You should have high security all the time. 

Wiring/Compartment Room

The wiring of the entire data centre is there. Firewalls and alarm systems are also there. If an attacker shuts it down, the remote breach would be a piece of cake. Here is the worst that could happen. One group of attackers will physically attack and shut down the wiring room. The other will attack remotely. Here are some ways you can protect the wiring room:

  • The security system at the data centre should allow authorised personnel to enter. 
  • Use physical protection for main wiring panels and other important systems. 
  • Do not use inflammable items near the wiring compartment/room.
  • The wiring compartment/room should be under video surveillance 24/7.
  • Proper maintenance of the wiring system is critical. Even minor changes should be easily noticeable.

Computer/Server Room

All primary data activities take place here. Machines stored here perform all primary processes of the data centre. They host a network or store the data. It should be secured and maintained correctly. Here is a server room protection checklist.

  • Unauthorised persons should not be allowed to enter. Administrative staff and maintenance personnel need access to operations.
  • The room should have high ceilings. 
  • The number of entrances and exits to the server or computer room should not be more than two. 
  • The room should be under constant CCTV surveillance.  
  • You should have a backup plan for a breach. 
  • The temperature should be between 55o – 75o Fahrenheit. 
  • Humidity sensors and fire prevention systems are also a must.

Data Storage & Location

You will often use a RAID system to store the data. Data should not only be safe but also available. Data sanctity and integrity are equally important. Any data storage facility needs heavy protection from physical attacks. You should take the following steps:

  • Get a separate digital entry system installed in the data storage location. It should restrict the entrance of everyone other than authorised personnel. 
  • The data storage location should be the innermost and the most secure place. Interior sections are preferable. 
  • The room should have 24/7 CCTV surveillance.
  • All the data must have a remote server backup. 
  • Do routine checkups of temperature and humidity levels.

Putting It All Together

Physical damage to colocation centres can stop business continuity and change customer perceptions. Thus, physical security is one of the primary concerns of the colocation customer. If you convince them on this point, they will easily convert. Thus, colocation vendors must reassess their practices and procedures to address potential threats.

You May Also Like To Read: An ultimate guide to choosing the right colocation providers

Colocation FAQs

About Server Colocation UK

Our servers are located in our own data center which is located in Derby, United Kingdom.
The data center is fully owned and managed by Data center plus, giving us the flexibility to work with our customers requirements and provide unrivaled levels of support.

Our data center is located next to Mansfield Road, Derby, UK. We are very accessible.
Our address is: Suite 18, Parker House, Mansfield Road, Derby, DE21 4SZ

Tour of our data center facilities is reserved for customers who are looking for colocation services with Data center plus.
If you would like to visit the data center, we must receive at least 24 hours notice.
You will also require to bring a form of ID in the form of a passport or driving license. We cannot allow anyone into the data center failing these requirements.

If you would like to place an order please contact us directly.
You can contact our sales team directly on 0808 169 7866 or emailing info@servercolocation.uk.
If you are an existing customer, log in to the site and simply check out after selecting your new service and proceed to payment options. The details of your new service will be added to your account portal.
If you are placing an order that is an upgrade to your existing one, get in touch with your account manager or raise a support ticket at info@servercolocation.uk.

Support

If you are experiencing issues with your server, we recommend that the first you do is to raise a support ticket with our support team.
This can be done by sending an email to info@servercolocation.uk.
Alternatively, if the matter is time sensitive, feel free to give us a call on 0808 169 7866 and select the option for Support.
We have a 30 minute SLA response time to any ticket raised.

Remote hands cover requests made within office hours.
Our Remote Hands service covers assistance with the following items:
– Server reboots
– CDROM connect/disconnect
– Cable checks and moving network cables.
– Checking/relaying diagnostics information back to the customer.
If you require services outside of the above (for example, installation of software), we can provide this as part of our Additional Services, which is chargeable. Please contact your account manager or our helpdesk for further information.

Support for hardware failure is 24/7/365 on our Managed Servers.
Most failed hardware components can be replaced within 1 hour (during office hours and subject to parts being in stock.
Office Hours: 08:30 – 18:00

Emergency support work