John Turner, head of IP physical security at specialist security distributor, Computerlinks, looks at how to control access to your data centre, what steps can be taken to prevent intrusion and whether physical security has kept up with IT security

Alongside its people, it’s widely accepted that a company’s most valuable asset is its data. Securing this data takes considerable effort and investment – in 2008, Gartner valued the global IT security software market alone at around £8bn – with the likes of firewalls, encryption devises and software ensuring that data cannot be accessed even if it is lost or stolen.  While the market for data security solutions is well-established, just how easy is it to prevent unauthorised physical ‘intrusion’ without massive investment in infrastructure, technology and personnel? The answer lies in the common thread running through the entire organisation - its IP network infrastructure – and the solution is often far simpler and therefore cheaper to implement than it may first appear.

It’s been predicted that the global market for converged physical and IT security products will grow to more than £13bn in 2010 . IP-based physical security solutions are now readily accessible, compatible with legacy systems and can be implemented with minimum disruption to day to day business.

Innovations in the IP physical security market mean almost anything is possible.  Doors can now be secured with magnetic locks, powered over the Ethernet network from vendors such as Netgenium, allowing access to be controlled directly from an IP telephone or a PC.  IP-based video technology, using the latest digital CCTV cameras, can also be integrated and controlled centrally and by individuals, whether on-site or at a remote location. And, when the technology can be powered by the network itself, it can also be installed by IT personnel without the need for qualified electricians, further reducing installation and maintenance costs.

Common interface standards such, as Weigand, now allow the physical reader at the door to vary to suit both the budget and level of security needed. While smart cards or tokens are the most common form of access devices, biometric methods including iris and finger print recognition are becoming increasingly reliable and affordable.  Iris patterns are rarely hindered by glasses or contact lenses, and compared with other biometric methods, false acceptance rates for iris recognition are a mere 1 in 1.2 million, making the chance of accepting one person as another almost zero. Iris recognition readers, such as the Panasonic BM-ET200, can capture and identify a user in 0.3 seconds, making it a fast and effective access option.

If speed of access is not an issue, which may be the case in a data centre where high levels of security are imperative but traffic is low, two factor authentication such as card and PIN or card and biometric may be more appropriate.  Access cards, by vendors such as HID, allow users to open doors with the same card that logs them into their computer, reducing risk of forgotten passwords and increasing the simplicity with which a staff member’s movements can be traced.

The integration of physical access control with IT now also extends well beyond the network infrastructure alone.  The latest systems, such as Netgenium’s, are Windows server-based applications and use Lightweight Directory Access Protocols or Active Directory to manage user identities.  Rule bases within a central Policy Server can be as broad or as granular as required to allow access to controlled areas to be varied for specific conditions - for example a person may have access to a certain area only during certain times or while an approved colleague is present.  The fact that Netgenium’s Policy Server Software also integrates with Milestone’s CCTV XProtect server, means that in an IP security environment you are not locked into single vendor contracts as you may have been with analogue systems.

Linked via the IP network, surveillance cameras and environmental monitoring devices, such as Jacarta’s interSeptor, can alert operators to potential problems via SNMP, SMS, Email or automated telephone calls.  These dangers could include intruders, temperature variations, smoke/fire, water ingress/moisture, and power outages.

IP security solutions can even play a significant role in reducing power consumption.  Products including the Netgenium IP Lighting Controller can be set up to ensure that when staff exit the building using their access cards, the lighting in their section of the building is switched off and their PC and telephone are shut down.

With all of these technologies readily available there is no reason why the data centre itself should be any less secure than the data within it and be managed easily by the data centre manager.  In fact, if the pundits’ predictions are anything to go by, you could argue that IP-based physical security has not just caught up with data security, it’s leaving it behind.