Whether your business has its own data centre, or you operate a data hosting or manage them on behalf of other firms, the security and protection of data is absolutely critical.
Specialist Technology Insurance can provide appropriate risk transfer protection and peace of mind. However, prevention is always better than cure and by understanding the key vulnerabilities and risks will help your business minimise exposure and build a robust risk management framework.
The Pulse of Modern Business
A data centre is the pulse of most modern businesses, the central channel for any data moving in or out. Any firm that creates or uses digital data has a need for a data centre, be it in-house or utilising an external firm.
Despite the continued growth and development of data centres, there are several common data centre hazards that could significantly damage a business’ very existence. By protecting your business against these general hazards, you can help ensure your business’ future success.
The Common Hazards
Although security and data breach incidents are not a common occurrence in a data centre, the consequences can be significant. The infrequent nature of the incidents can lead to employees adopting a more lax approach to common, easily preventable risks.
The following tips can help to address common hazards, keeping your data centre safe:
#1 Security Server Failure
If your security server fails, you will lose card access management, the ability to change authorisation levels, access to Web-based applications, control of doors and video camera connection and the ability to verify card holder identity.
To help to prevent security server failure, install cluster software on multiple servers — cluster software allows multiple servers to run simultaneously by mimicking the data on the other servers. It lets you protect and recover data in the event of a security server failure.
#2 Undetected Smoke
Fires is a data centre can be caused by power surges in the electrical system. Smoke can only be detected by smell in the early stages of a fire and by the time the smoke becomes noticeable, significant damage may have already occurred.
Early detection is therefore crucial to minimising fire damage. By installing an aspirating smoke detector (ASD), you can catch a fire in the early stages, before the smoke is noticeable. An ASD is comprised of tubes that follow the same path that smoke would take through the air conditioning system. These tubes collect air samples and deposit them in a central testing chamber. Air samples are then tested for smoke levels.
#3 Personnel Monitoring Programmes
Due to the size of data centres, it can be difficult to effectively track personnel. You can help to solve this problem by providing each employee with a real-time location system device (RTLS) to track his or her location at all times.
The RTLS sends identification data to a central monitoring station if an employee enters a high-security area. The system has the capabilities to interact with the surveillance system and the access control system to provide further security.
#4 Direct Threats to Personnel with High-authorisation
When personnel with high-authorisation levels are at risk, the data centre assets may be placed at risk as well. However, if personnel are provided with wireless emergency alarm systems, they can send alarms to the security department in an emergency.
#5 Ineffective Alert and / or Back –Up System
There is potential for human error when multiple alerts are sent out, depending on the risk, location and personnel. By using mass notification systems, also known as Life Safety Systems, it is possible to send out mass notifications in real time. The messages can be issued through audio, video or email and can provide the correct response to the incident.
#6 Lost Key Cards
Losing key entry cards is surprisingly easy, but monitoring key card use can be prove to be much more difficult. By storing key cards in cabinets that allow designated employees access via keypad, card swipe or biometric scanning, you can eliminate human error, as well as the potential unauthorised key card use. Equipping key cards with a real-time identification tag helps record card usage and curb illegal card use.
#7 Unfavourable Microenvironments
Equipment failure can occur if environmental conditions surrounding the machinery are inappropriate or not fit for purpose. Due to the sheer size of some data centres it can become difficult to monitor the environment surrounding each machine.
However, by installing machine cabinet monitoring systems, it is possible to take real-time tests of temperature, humidity, voltage and power sources. The system sounds an alarm if the environment drops to an unfavourable state.
#8 Failed Network Connection
According to industry reports, modification to system networks is responsible for 80 per cent of network connection failures. Of the total amount of time spent attempting a restore or recovery, 90 per cent of the time is spent on diagnostics, while only 10 per cent is spent on the resolution. By installing a smart patch panel system, users can control all of the links used in a network. They can mark certain links as confidential and sound an alarm in the event of a broken or illegal connection.
#9 Hacker Threat
Hackers are an obvious external security threat. By combining a physical access management system with a digital log-in system, only individuals with access will be able to log in to the server. Any non-approved connection attempts will trigger alarm protocols.
#10 Faulty Inventory Management
When employees perform data inventory reviews, they may accidentally lose some data. By providing employees with a Radio Frequency Identification Asset Management system, the equipment is immediately identified.
The Early Warning Signs
There are several early warning signs that can alert you to the likelihood of a hazard occurring in your data centre. Watch for the following signs to determine your risk:
- Outdated diagrams of equipment configuration
- Outdated diagrams of physical wiring
- Neglected charging of uninterrupted power supply batteries
- Neglected testing of fuel levels and the generator
- Inadequate testing of the backup generator
- Neglected testing of the annunciator system
- Failure to recharge the fire suppression system
- Failure to test the emergency power-off system
- Failure to document the emergency power-off system
- Inadequate routine air conditioning system maintenance
- Improper anchoring of equipment
- Inadequate documentation of evacuation procedures
- Failure to follow physical security procedures
- Inadequate training for personnel
Preventive maintenance and risk awareness can protect your data centre and by implementing clear proactive measures and a routine monitoring and testing programme you can help to minimise your exposure to losses and potential claims under your Technology Insurance programme.
FREE Business Insurance Review
Insync specialises in cover for the IT and Technology Insurance. From data hosting firms, data farms to IT service providers, we can help your business to locate its key risks and arrange appropriate cover.