Data center safety and security: how to master the new risks?
The computerization of building infrastructure management, the development of local data centers located in tertiary or residential buildings, potential drone attacks, climatic and seismic hazards: what are the new risks facing data center operators, and how can they protect against them?
The safety and security of data centers are key to ensuring the continuity of digital services and guaranteeing the integrity of data hosted in server rooms. Safety involves implementing solutions to control the risk of unintentional, fortuitous or accidental events (fire, flooding, excessive temperatures, etc.). Security, meanwhile, involves protection against intentional and malicious acts and events (intrusion, hacking, etc.).
In recent years, the risks have evolved. Take a look at the new threats, and how to protect against them.
Increasing cyber-risks
Apart from IT cyber-risks, all data centers now benefit from computerized and generally connected administration, whether for technical supervision, power and cooling optimization, energy performance monitoring, asset management, physical access control or video surveillance.
All these tools, including DCIM (Data Center Infrastructure Management) solutions, enable data center building infrastructures to be monitored, even remotely. They ensure that you are notified in the event of an incident (intrusion, outbreak of fire, power supply problem, excessively high temperature, etc.), maximize availability, optimize service levels and react quickly when problems arise.
In the same way as the IT applications and digital services hosted in the data center, these tools can be the target of attacks, including terrorist attacks (political or economic). They too therefore need to be protected from cyber-risks, which are on the increase.
Lack of control over the immediate environment of local data centers
With the acceleration of digital uses, it’s becoming essential to process data as close as possible to its point of use, to reduce latency and connectivity costs. The number of local data centers has thus grown exponentially in recent years to support the rollout of 5G, new uses (notably artificial intelligence technologies) or to support local areas of economic activity. Not to mention the growing number of Edge Computing initiatives, in other words the installation of micro data centers with one or two bays.
Located in urban or suburban areas, often in buildings shared with offices or housing, these local data centers host sensitive data and need to be protected from the risks of fire, water damage or intrusion. In contrast to large data centers with secure, controlled enclosures around the building, their environment (neighborhood or immediate proximity to public space) makes them more easily accessible to potential malicious individuals.
In addition, generators and outdoor cooling equipment are not always appreciated by local residents. These residents can take the data center operator to court, with the risk of having to shut down or even dismantle the data center. All this without mentioning the risk of deliberate damage to this outdoor equipment by unscrupulous local residents.
The “5th façade”: the new weak link in large data centers
Drone technology is now available to everyone. These devices could potentially be flown over data centers with explosive charges, or devices capable of electromagnetically modifying the behavior of site equipment, or cutting off access to the fiber or electrical network.
For large data centers, located in a dedicated building, the roof – which most of the time houses the cooling equipment and sometimes the emergency generators – thus becomes the fifth façade to be protected, alongside the other four, which have long been secured. This is a risk that must be taken into account as from the design stage of the data center, particularly by operators of vital importance (OIV), giving the data center a reasonably neutral external appearance so as not to attract attention.
Environmental risks
With summer temperature peaks getting higher and higher, it’s no longer unusual to design data centers so that they can operate, without any degradation of service, with outside temperatures of up to 45 degrees Celsius, compared with 38 degrees a few years ago.
Similarly, seismic risks in mainland France are no longer confined to the south-east. Most data centers located near mountain ranges have long been equipped with devices to mitigate seismic risks. However, in regions such as Brittany, such risks are greater than in the past, and must be taken into account in the design of data centers, with appropriate choices for the building’s concrete structure, technical floors, anti-vibration supports for cooling units or generators, etc.
Last but not least, rising sea levels and soil sealing increase the risk (rare but major) of flooding or submersion of data centers. Even more than for any other building, the choice of location is essential to guarantee the optimal operation of the data center, and the associated digital services.
By Tristan Richard, Director of Operations, APL Data Center.
