close up of server in server room

Critical Infrastructure Protection: U.S. Data Centers and Ballistic Barriers

Uncategorized

close up of server in server roomAs Total Security Solutions CEO Jim Richards recently noted, “data is where the value is,” making data centers an attractive target for a wide variety of bad actors—from teams of criminal hackers to the Kremlin and other foreign agencies. Even seemingly non-critical services—like Twitter—have become vital resources during disasters and emergencies.

As off-site data storage and cloud computing become a daily necessity in every facet of our lives, a single data center may store information and house services for a wide range of public and private entities. Data centers are the place where private business continuity and disaster recovery planning (BCP) and public continuity of operations planning (COOP) tend to come together in assuring the stability of U.S. infrastructure when disaster strikes. And, for that reason, security professionals and physical security specialists—not to mention homeland security planners and public safety professionals—are taking the physical security of data centers increasingly seriously.

But even as many best-practices checklists (like this one for SAS 70 Compliance) are beginning to take bullet resistant security into account, there are still many misconceptions about how to best address the physical security needs of data centers.

Two Traditional Categories of Bullet Resistant Barrier Systems

For the most part, bullet resistant barrier systems fall into two broad categories: Retail and Reception.

The classic Retail System would be a bank: Staff are on one side, customers on the other, and while it is rare for anyone to need to pass through the barrier, they do need to communicate clearly and pass small items easily and securely. These systems are seen in a wide variety of settings: 24/7 convenience stores, high-risk gas stations, pharmacies, municipal utility payment offices, and so on.

Reception Systems were once relatively rare, but are now increasingly common (especially in the urban core). A classic example might be a school’s secure vestibule entryway. Here there is a small reception area entirely open to the public and separated from the building by secured bullet resistant doors. A secure receptionist can vet identification before permitting visitors through. Like Retail systems, these Reception systems also have large bullet resistant windows and communication systems, but the windows tend to be smaller and simpler, where-as the bullet proof doors and access control systems are more developed. Other examples of Reception systems include police stations, hospitalscourthouses, some jewelry stores, and corporate offices.

Both types of systems presume a lot of foot traffic (usually because the building itself is located in a densely populated or high-traffic area), a heavy reliance on face-to-face communication between staff and visitors, and the need to only secure a few critical “bottlenecks”—usually entryways, or a small publicly accessible space.

Data Centers Have Different Security Profiles

As Jim Richards has found over the last several years, data centers make for a very different security scenario: “First off, we see these centers going into areas that that are more remote—Iowa, Wyoming, Utah, Arizona. They’re favoring places which are the most stable, geologically and in terms of weather. In contrast to a bank or federal building, these centers don’t need to be near population centers, and just don’t have that many unexpected visitors. So the [ballistic] systems they need are quite different, because the focus isn’t about making it easy for people to do business face-to-face while protecting them.”

Additionally, there is no bottleneck to secure. Data centers need to isolate many individual spaces and server rooms throughout the building—something more akin to fire protection strategies than traditional bullet resistant security measures. When people think “bullet proof,” they almost always think of “bullet proof glass” (even though it’s technically “bullet resistant thermoplastic”). But there just isn’t much glass in a data center. As Jim notes:

“Most traditional bullet resistant barriers are focused on ballistic windows, transaction areas, deal trays, and passers. In a data center, we don’t need that. They want to secure walls and doors, with a good access control system tying it all together. That means lots of fiberglass for the walls, lots of doors, and maybe an entryway.”

Data Centers Focus on Access Control

In contrast to many companies—especially smaller local outfits—TSS has a great deal of expeSteel Doorrience partnering with their client’s preferred access control vendors. Every TSS door is custom built, and can be engineered to easily accept any control devices, wire runs, and strikes your access system demands. Since data center installations tend to be extensive but straightforward (installing fiberglass paneling in the walls is not that different from drywalling), many centers opt to use local contractors or in-house facilities staff. TSS offers ample support to vendors and other trades, security professionals, and in-house staff, guiding them through a smooth installation process.

Next Steps:

Bulletproof Municipal Buildings