Why good locks are key to physical site security
Fri 11 Apr 2014
While many data centres use sophisticated biometric security and CCTV cameras to control access from the outside, they often use old-fashioned locks and keys to secure racks and cabinets on the inside. Grant Macdonald, managing director of Codelocks, looks at how digital cabinet locks bring a more high-tech solution to internal access control.
Access to data centres is tightly controlled with many facilities employing state-of-the-art security solutions to monitor and control the flow of visitors coming in and out of the building. On the inside, it’s the role of the operations manager to make sure that server cabinets are securely locked and – in the case of colocation data centres – only accessible to the owner of the equipment inside the cabinet.
To do this, many operations managers still use the locks and keys originally supplied with the data cabinets, while some use padlocks and keys. At full capacity, a large data centre might have hundreds of locked cabinets and managing the keys on such a large scale can be a problematic task.
This is especially the case in co-location data centres, where different technicians and service support staff need access to their own servers. The operations manager needs to ensure that the master keys are kept safe and an audit trail is kept for each key issued.
When keys go missing, as they often do, a replacement key needs to be cut. However, simply replacing a key does not necessarily regain ‘control’ of the lock, to do this ideally the whole mechanism should be replaced, and if this is a regular occurrence, it can be a very costly and time-consuming process.
There will also be occasions where technicians or service employees simply forget to bring the key with them when they visit a colocation data centre. When that happens the operations manager has to stop what he or she is doing and retrieve the master key in order to give the engineer access. The whole process can slow the customer down and is disruptive for everyone.
It’s for these reasons that a growing number of operations managers are replacing the locks and keys supplied with data centre cabinets with a more modern and functional alternative. Digital cabinet locks provide access by punching in a correct combination of numbers on a keypad. In ‘private’ mode a digital cabinet lock can be used by a small group of authorised individuals to access the equipment locked inside a cabinet. If an access code is forgotten, a master code can easily be used to reset the lock, which takes only minutes and incurs no extra cost to the data centre.
Taking keys out of the equation has, from an administrative point of view, its obvious advantages and, in addition, digital cabinet locks also bring with them extra functionality. An example of this is an innovation that provides a more convenient way of controlling how access codes are generated: time-sensitive access codes.
Customers using colocation data centres who require routine access to many different locked cabinets (at one or more location) can now use a secure web-based application to generate time-sensitive access codes. This works by setting up the locks with a unique matching algorithm to the web-based software, allowing the software to predict the access code on the installed lock at any given time. Using time-sensitive access codes is a more secure way to grant access, as the code will not work outside a designated timeslot.
A maintenance or service coordinator can, from a remote location, arrange for an engineer to visit the data centre and, using the application, generate a code for the engineer to gain access to the locked cabinet. The code can be sent via an SMS text message or email to the engineer’s mobile on the day the access is required. The software also allows an engineer to request an access code via an inbound SMS message. The code is sent back instantly. This may be useful if urgent access is required or if an unscheduled visit is necessary.
When making improvements to the multi-layer site security plan, data centre operations managers need to consider how new technology can replace out-dated equipment. Digital cabinet locks are much more convenient to use than traditional locks and keys, and many are now being fitted to racks and cabinets as standard during manufacture. Recent developments to digital cabinet locks gives colocation data centre customers greater control of their own access, and using time-sensitive access codes keeps their equipment inside the cabinet secure.