When choosing a datacenter to host your company’s environment, it’s important to consider all the variables that will come into play. Many times, a site tour of your potential datacenter will show you a limited picture of the center’s inner workings. If you don’t arm yourself with the proper questions to ask or the right things to look for during a tour, you could potentially choose the wrong datacenter. Some typical datacenter security questions include “Is there an authentication system to get into the datacenter?” and “do you have camera systems throughout the datacenter?” Although these are excellent questions, they don’t begin to scratch the surface of what you need to know.
Here are the top 10 things to consider when choosing and/or determining the security posture of a managed hosting datacenter:
1. “Do all datacenter walls extend to the roof?”
This is very important. If the walls don’t extend to the roof, an intruder needs only to push a couple ceiling tiles out to bypass the physical security and enter the datacenter.
2. “Does the datacenter/building require 2-factor authentication for access?”
These days, single factor authentication just doesn’t cut it when it comes to security. We all know how easy it is for an employee to lose their FOB or badge somewhere, and that means a potential bad guy can find it and let himself in.
3. “Do your generators have multiple fuel suppliers?”
This is important because if there is a serious issue, one provider is never enough. You should always have fallbacks.
4. “Does your datacenter have a fire suppression system?”
The answer to this question should always be yes. One of the best is the FM200 system, which is the eco-friendly replacement for Halon due to the Montreal Protocol treaty.
5. “Is the facility recognizable as a datacenter from the outside?”
You never want to be able to tell a building is a datacenter from the outside. The more boring and plain the building is, the better you can keep external threats at bay.
6. “Is the physical environment of the facility safe?”
It’s very important to take notice of things like how well the outside is lit at night. Dark areas and shrubbery create hiding places for intruders.
7. “Are the datacenter walls located against the building’s outside walls?”
You never want to have a datacenter wall as part of the outside wall structure of the building. This can promote an easy method for intruders to drive into the wall, and end up in the datacenter.
8. “Is the method of Least Privilege followed throughout the secure building?”
It should take more than just the flash of a badge to gain full access.
9. “Do you have cameras and backups located at all Datacenter entrances and exits?”
As critical as camera units are, you must also verify that they are backed up in case of an incident.
10. “Are datacenter doors solid, have at least 3 hinges, and are the hinges located inside the datacenter?”
These details may seem trivial, but even the strongest physical structure can be rendered worthless if someone can kick the door in.
