The world is changing faster than ever. New technology in the form of cloud technologies, artificial intelligence, machine learning, IoT (Internet of Things), robotics, quantum computing and more, is creating new industries, changing existing ones and transforming the way things are made. Over 4.4 Billion people use the internet and the World Wide Web houses more than 2 Billion websites. This fourth industrial revolution has seen the world shift from a physical to a digital first landscape, and with it threats to our security have adapted too.
You are now 40% more likely to be a victim of cybercrime than you are a victim of burglary. Cybercrime is big business. According to Bromium, the average cyber criminal can earn anything up to $2 Million year, while entry level hackers can expect to take home $42,000. Globally, the cost of cyber crime to businesses in 2018, was $45 Billion, according to Panda Security. Forbes estimates a damages cost of $6 Trillion by 2021, a figure that exceeds that of natural disasters and the global trade of all illegal drugs.
So with all of these threats to our digital security, it’s only right that the industry is educating businesses and end users on how to protect themselves, with everything from anti-virus software and password policies, to penetration testing and end user education now prevalent in many businesses. But have you ever stopped to think about the physical security of your data?
It seems an odd concept, the idea of physical protection of this fast growing digital world. But think about where all this data is. Where it’s stored.
There are thousands of data centres across the globe, without which the internet would be obsolete. Data centres are where the fibre providers meet the content providers, and consumers and businesses have dozens of touch points with data centres every single day. Every time you post to Instagram, log onto your Gmail, use your weather app, tap into a tube or train station, stream on Netflix, pay for your coffee with Apple or Android Pay…. you are connecting with a data centre. This is where the content, or data is stored. So although the threats to data security from a cyber perspective are huge, the physical security of these buildings is paramount. In some respects, it’s even more important than digital security.
Data centre security is big business, and data centres do everything in their power to stop the physical breaking and entering of a data centre. In most data centres, unauthorised access simply won’t happen.
Perimeter fencing, automatic or manned gates and even moats are usually the first line of defence. At first glance, you could be forgiven for thinking you’re trying to get into a prison, rather than a data centre. Biometric access controls, virtual tripwires and mantraps allow authorised personnel to enter a data centre, but if your name’s not down, you’re not coming in. Many data centres will include security guards as part of this first line of defence. At TeleData, our access is fully automated. Humans are always the most vulnerable point in any security system, so we have instead invested over £1 million in an on-site Security and Operations Control Centre (SOC) within our facility, which not only means that our security staff can’t be reached physically by any would-be attackers, but it also means that our data centre is the only one in the world with NSI Gold Approved BS5979 security centre on-site.
The multi-layered approach to physical data security continues once inside a data centre. Access is restricted only to the part of the data centre you are entitled to be in. CCTV monitors your every move and man traps ensure you aren’t bringing any unwanted guests with you, or being forced to enter the data centre under duress. Server cabinets are un-named, unbranded, recognised by codes only and under lock and key. Tremor sensors ensure that tunnelling into a data centre can’t happen. Police links mean that with one push of a button, police response teams can be on site in seconds. Some of the larger data centres (think Microsoft, Google and the like) weigh workers on their way in and out of the data centre to rule out theft, with some of the bigger players even allocating data centre engineers a timeframe in which they must complete their work - over run, and you’re locked in and interviewed for an explanation of what you were doing. Many data centres are unmarked, off the grid and you won’t find them on Google Maps.
If at any point any of these procedures are breached, a data centre will lock down and your next conversation would be with security staff, or the police.
So you see, despite the massive responsibility on business owners and individuals to take necessary steps to protect their digital worlds, the responsibility starts with the data centres. Physical security in a digital world.
If you would like to book a tour of our Manchester data centre facility, and see all of these security procedures for yourself, get in touch with our team here to make an appointment.