Page 32 - Security Today, May/June 2019
P. 32

abling them to receive updates on their com- puter or via text or email on their personal devices. An electronic access solution is com- posed of three primary components: an ac- cess control reader or input device, an electro- mechanical lock and a controller system for restricting, monitoring and recording access. When designing an electronic access solution, it is important that the appropriate electronic lock is chosen for the specific enclosure and provides the intelligence, flexibility and secu- rity needed at the rack level.
Electronic locks are actuated by external access control devices, which validate user credentials and produce a signal that initi- ates the unlocking cycle. Electronic locks can be combined with any access control device from keypads to radio frequency identifica- tion (RFID) card systems, biometrics or wireless systems. The access control device can also be integrated into the electronic lock for a streamlined, integrated solution that re- quires minimal installation preparations.
Each time an electronic lock is actuated, an electronic “signature” is created which is captured to monitor access–either locally with visual indicators or audible alarms, or remotely over a computer network. The elec- tronic signatures can be stored to create audit trails that can be viewed at any time, whether on- or off-site, to forensically reconstruct a series of access events. This electronic audit trail keeps track of cabinet access activity, including location, date, time, duration of access and specific user credentials.
These audit trails provide data center managers with an additional resource: They can track the amount of time a server rack door is opened in order to monitor mainte- nance and service activity. If a server rack is scheduled for activity that should take 30 minutes, but the audit trail shows the door was open for several hours, management can find out why the delay occurred and exercise better management of service personnel and costs for service.
This audit trail can be used to demon- strate compliance with data protection regu- lations and allows data center managers to immediately identify and respond to security breaches or forensically reconstruct events leading to a violation. Remote management and real-time monitoring eliminates the need for on-site staffing and reduces costs associ- ated with managing data center security.
Support for Multifactor Authentication
When designing a new installation or retro- fit, it is important to select an electronic lock based on the depth of intelligence and level of protection required. Many EAS suppliers offer a range of electronic locking solutions designed to make implementing rack-level security relatively simple and cost-effective.
These include robust cabinet locks integrated into locking door handles that are self-con- tained, modular devices designed to provide multifactor authentication in order to supply access to a server cabinet.
Multifactor authentication is a growing requirement for many access control sce- narios and more data center managers are implementing it, particularly for server racks containing highly sensitive data. Common multifactor systems typically require the fol- lowing factors:
• Something you know–such as a PIN
• Something you have–such as an RFID card
• Something you are–biometric data, such
as a fingerprint or through facial recogni- tion scans
With multifactor authentication, one
piece of information alone does not grant access. An electronic lock can be designed to require the user to present an RFID card, and then enter a PIN code on a keypad. There are electronic locking systems that are designed to be modular, allowing different types of access controllers to be easily added to the lock and satisfying the specific level of security for a given server rack.
The levels of safety can be further en- hanced in a relatively simple manner. For example, there are electronic locking systems that combine RFID cards and fingerprint readers. Technicians assigned to access a server rack using this type of system have their fingerprint data loaded onto the card. To access the server, they present their card which transmits their fingerprint data to the reader; they then provide their fingerprint to complete access.
Designing for Compliance
Electronic access solutions provide a strong level of physical access control for a variety of data center security applications, whether
providing storage for one organization or several housed in a colocation environment. Managers of colocation environments have started to adopt intelligent locking systems due to the challenges of protecting access to individual cabinets, rather than “caging” a cabinet or group of cabinets into separate areas of the data center.
Electronic access solutions are adapt- able to both structural designs and control mechanisms that are already in place. Often, building access cards or ID badges are al- ready part of an organization’s access con- trol system; using them for rack-level access eliminates the need to create new or separate credentials.
Expectations for data security and man- agementhavechangedsignificantly.Regula- tions are driving facility managers to consider comprehensive security solutions with moni- toring capabilities and digital audit trails to protect sensitive information from the threat of unauthorized access and theft. Regula- tory requirements related to data security will continue to increase in response to the con- stantly changing tactics of data thieves.
Data center managers can prevent these situations from occurring by optimizing se- curity down to the rack level with electronic access solutions. Electronic locks extend in- telligent security from existing building se- curity networks to data center cabinets. As a result, data center managers can ensure their facilities and equipment are protected against the risk of data
breaches and any penal- ties associated with non- compliance.
Mike Fahy is the com- mercial product manager, Electronic Access Solu- tions, at Southco Inc.
26
MAY/JUNE 2019 | SECURITY TODAY
ACCESS CONTROL
Oleksiy Mark/Shutterstock.com


































































































   30   31   32   33   34