One of the most prevalent reasons for moving business-critical IT and workloads to an off-premise data centre is the superior security this offers - preventing unauthorised access, ensuring the safety of the equipment (e.g. cooling and fire suppression), and protecting networks and data. With the best will in the world, most companies are unable to provide the same levels of security in their on-premise data centre facilities as that offered by purpose-built datacentres, which have been designed and built to offer the most secure, resilient and efficient solution to the storage of physical IT infrastructure and mission-critical workloads and data.
Physical security measures
Physical security comes in various forms, including:
- Access controls including fencing and barriers, badge readers, biometric scanners, security personnel and ‘mantraps’ (areas with interlocking doors that require two-factor authentication).
- Surveillance cameras and alarm systems that monitor activity in and around the facility and alarms that flag up any security breaches.
- Fire suppression systems such as fire alarms, smoke detectors, and fire suppression agents.
- Climate control to ensure that equipment is kept at the right temperature and humidity levels to help prevent equipment failures and downtime.
Both of our facilities (our flagship London edge facility, and our new Manchester data centre) go above and beyond when it comes to security: our Manchester site is a Police Approved Secure Facility and the only NSI Gold Approved BS5979 data centre in the UK, whilst our flagship London-edge data centre is located on the renowned Cody Technology Park, an ultra-secure, Government-grade campus location.
Data centre network security
This protects the integrity, confidentiality, and availability of data stored and processed in a data centre. A data centre network typically consists of multiple interconnected devices and systems, including servers, storage devices, switches, routers, firewalls, and other network security devices. These can be protected in a number of ways:
- Implementing network segmentation: This involves dividing the data centre network into smaller, more manageable segments, each with its own security controls and access policies. This helps to prevent the spread of malware or attacks across the entire network.
- Using firewalls configured to block unauthorised access to the data centre network and monitor incoming and outgoing network traffic.
- Intrusion detection and prevention systems to detect and prevent unauthorised access to the data centre network. They can identify and block known attack patterns and can be configured to generate alerts or take automated actions in response to detected threats.
- Encryption to protect data as it moves across the data centre network. This includes encrypting data in transit between servers, storage devices, and other network components, as well as encrypting data at rest in storage devices.
Data centre redundancy and backup systems
These ensure that data is always available and accessible, even in the event of a power outage or other disruption.
- Power redundancy through multiple power sources, including utility power, backup generators, and uninterruptible power supply (UPS) systems. This redundancy helps ensure that power is always available to critical systems, even in the event of a power outage.
- Network redundancy through multiple network connections from different providers to ensure that network access is always available. Additionally, routers and switches may be configured with redundancy protocols to ensure that network traffic can be rerouted in the event of a failure.
- Data replication technologies such as mirroring or clustering to ensure that data is always available. This involves replicating data across multiple systems or locations so that if one system fails, the data can be quickly restored from another location.
- Backup and recovery systems to protect against data loss. This may include regular backups of data to tape or disk, as well as systems for quickly restoring data in the event of a failure.
- Server redundancy technologies such as load balancing or failover clustering to ensure that critical systems are always available. This involves distributing workloads across multiple servers so that if one server fails, the workload can be quickly and automatically transferred to another server.
Trusting your data centre provider
One way of looking beneath the surface of a data centre facility is to review its accreditations, which demonstrate that a facility is compliant with industry standards and regulations and committed to providing security, reliability, and performance. Facilities like our London-edge and Manchester colocation data centres have gone through rigorous assessment procedures in order to achieve our accreditations and, importantly, we need to work hard to maintain them. These accreditations include:
- ISO 27001:2013 (establishing and maintaining effective security controls to protect information assets and manage security risks)
- ISO 9001:2015 (establishing, implementing, maintaining, and continually improving a quality management system)
- ISO 14001:2015 (identifying and managing environmental aspects and impacts and setting objectives and targets for improving environmental performance)
- ISO 50001:2018 (improving energy performance, reducing energy consumption, and cutting greenhouse gas emissions)
Once you have found a facility that ticks all your boxes in terms of security requirements and accreditations, you can be certain that your IT estate and workloads will be safe. The other key factor, however, is the team that runs the data centre - as well as choosing a facility, you’re choosing the people to whom you will entrust your business-critical IT and workloads. Are they experienced, knowledgeable and responsive to your requirements? Are they flexible and accommodating, and able to deal with potentially complex challenges? The best way to find out is to speak to them directly. To get in touch with our team, make contact via our website, email us on firstname.lastname@example.org, or call us on 0333 202 3195.