Expensive data cages will protect data centre equipment – but there is a less costly alternative
You lock the door of your house when you’re gone. You install swipe card-activated turnstiles at your building entry to control who gets access to the building. So why wouldn’t you install a data cage to protect the millions of dollars’ worth of equipment you’ve put at your colocation provider?
It’s a reasonable question that any company should ask itself before committing to rack space within their provider – and the answer, in general, is simple: it depends.
There’s no question that the capital costs of any data centre investment are significant; potential business losses from theft, damage, sabotage or other interruption are many times more so.
For this reason, it makes sense to protect that equipment – and many colocation providers facilitate the construction of data cages providing a contained, access-controlled space to house their customers’ servers.
Cages physically separate a company’s servers from others in the data centre, and allow companies to add other equipment, such as a desk to support onsite workers. Cages can also be installed under the floor to protect ultra-high security environments, or to support a company’s security obligations under compliance regimes that require tight control over physical access, such as PCI DSS or ISM.
Yet cages aren’t for everybody: despite their strength, data cages take up large amounts of precious data centre real estate. Building a cage around 6 racks of equipment could easily take up the same amount of floor space as 20 racks of equipment – and that makes cages expensive.
Those costs change the dynamics of the colocation business case, overwhelming the costs of hosting the equipment itself. This is particularly the case for small companies with a small number of equipment racks.
One alternative means even small businesses can enjoy the same level of security that a cage provides – while still retaining compliance with requirements around the secure handling of financial, personal or other information – without physically installing the cage.
Colocation providers like NTT ICT offer purpose-built, hardened data cabinets that prevent any physical access to your equipment. They are also designed to make it obvious when someone has tried to force entry to a cabinet, and include features such as internal cladding and panels to ensure that external panels can’t be removed from outside the rack.
In Australia, such racks are certified by the federal government’s Secure Computing Equipment Committee (SCEC), which maintains a Security Equipment Evaluated Product List (SEEPL) containing all products that meet the requirements of the standards.
SCEC approvals are managed by ASIO’s T4 Protective Security directorate and include Class A (keyed) and Class B (combination) locks, which are designed to be “highly resistant to covert and surreptitious opening techniques”. Covert techniques are most likely to be used within data centre environments where security is already typically tight, but intruders might try to sneak into a rack using a pinch bar, tin snips or hacksaw.
Truly effective secure racking solutions frustrate would-be intruders by eliminating weak points they could potentially use to gain access. The racks are extremely difficult to get into without using destructive force, which they are designed to show. Customers face very real problems getting into them if they forget the PINs to the locks, and not even the colocation provider has a way to get inside.
These secure racks can be combined with secure cable conduits to ensure there is no way to intercept data moving through the environment.
For government and high-sensitivity commercial applications, these robust design characteristics make secure racking a cost-effective way of securing small colocation installations while reducing your cost of compliance. However, their added cost means that companies with colocation commitments of more than 20 equipment racks, as a rule of thumb, may find a dedicated cage to be more cost-effective.
Deciding which approach to take is a crucial part of your colocation decision. But unless you have a very significant installation that necessitates a cage, you can save money and maintain flexibility by using a secure rack that lets your equipment run efficiently and effectively.