SDR 11.2 PowerPoint Presentation

2017-08-21


Slide1

SDR 11.2

PHYSICAL RACK LEVEL SECURITY MONITORING AND RESTRICTING ACCESS

Mike Fahy

Business Development Manager,

Electronic Access Solutions

Slide2

Data Center World – Certified Vendor Neutral

Each presenter is required to certify that their presentation will be vendor-neutral.

As an attendee you have a right to enforce this policy of having no sales pitch within a session by alerting the speaker if you feel the session is not being presented in a vendor neutral fashion. If the issue continues to be a problem, please alert Data Center World staff after the session is complete.

Slide3

PHYSICAL RACK LEVEL SECURITY - MONITORING AND RESTRICTING ACCESS

Recent studies show that 55% of all data breaches are carried out or influenced by someone on the inside of an organization. To reduce the risk of the insider, both governmental and industrial organizations have developed compliance requirements that are forcing physical security and monitoring down to the rack level. This presentation will review these requirements and provide an overview of the solutions available for both new and existing racks.

Slide4

Agenda

Data center security

Drivers behind the need to improve rack level security

Affected data centers

Electronic locking mechanisms

What to monitor

Access control technologies

Solutions

Retrofit situations

Case study

Slide5

Typical Data Center Security

Slide6

How Far Does Physical Security Extend?

Slide7

Rack Security Levels

Open Racks / Doorless Racks

Mechanically latched / locked door

Single point / Multi-point

Combination locks

Chain & Padlock

Electronic Locks

Slide8

Database breaches and cyber crime cost the global economy more than $400 billion annually. Juniper Research predicts it could hit $2 trillion globally by 2019.

* Source: “2015 Cost of Cyber Crime Study: United States,” Ponemon Institute, October 2015.

Securing Data

Slide9

Biggest Challenges Presented By the Growth of the Volume of Data

Source: Cloudera and Intel jointly commissioned Unisphere Research, a division of Information Today, Inc., to survey IT and corporate line of business managers involved in or responsible for data center operations. April 2016

Slide10

Insider Threats Outrank External Attacks

Source: IBM 2015 Cyber Security Intelligence Index, Figure 5

Recent data from IBM Security Services shows 55% of all attacks were found to be carried out by malicious insiders or inadvertent actors.

Slide11

Inadvertent or Malicious Action

On September 23, 2014 the FBI released a warning about the security risks posed by disgruntled and former employees.

Source: http://www.ic3.gov/media/2014/140923.aspx

“The exploitation of business networks and servers by disgruntled and/or former employees has resulted in several significant FBI investigations in which individuals used their access to destroy data, steal proprietary software, obtain customer information, purchase unauthorized goods and services using customer accounts, and gain a competitive edge at a new company.”

Slide12

Regulatory Compliance Requirements

PCI-DSS, Payment Card Industry Data Security Standard

“Any physical access to data or systems that house cardholder data provides the opportunity for individuals to access devices or data and to remove systems or hardcopies, and should be appropriately restricted”

HIPAA – Health Insurance Portability & Accountability Act

“Physical measures, policies and procedures to protect a covered entity's electronic information systems and related buildings and equipment, from natural and environmental hazards, and unauthorized intrusion”

SOX – Sarbanes Oxley

SCN 404 – Management assessment of internal controls “controls that pertain to the preparation of financial statements”

FISMA – Federal Information Security Management Act

Organizations must limit physical access to information systems, equipment and the respective operating environments to authorized individuals.

CIP – Critical Infrastructure Protection Act

Protecting Critical Cyber Assets by restricting, monitoring and logging physical access.

CJIS (Criminal Justice Information Services), FedRAMP (Federal Risk and Authorization Management Program), SSAE16 SOC2

Slide13

Affected Data Centers

Financial

Healthcare

Colocation

Government

Utilities

Universities

Slide14

Rack Access Evolution

Traditional Rack Access

Cabinet level mechanical key lock

Single or multiple key codes

Manual access management

Intelligent Physical Security

Electronic locking

Digital access credentials

Integrated access control systems

Security

Compliance

Convenience

Slide15

Design Considerations

Front door/back door

Multi-bay cabinets

Centralized vs dedicated access control

Remote Access

Virtual Cages

Hot aisle containment

Slide16

Electronic Locking Mechanisms

Electronic door strikes

Electromagnets

Fixed cam locks

Swing handles

Cam locks

Push to close locks

Slide bolts

Rotary style

Pin latches

Slide17

What to Monitor

Lock status

Electrically locked/unlocked

Mechanically locked/unlocked

Latch status

Handle up/down

Locked mechanism

Door status

Release @ high temp

Link to IP Camera

Slide18

Override Solutions

Mechanical

Integrated key lock

Engage with key lock

Cable

Keyed panel access

Electrical

Redundant power

Override power key

Separate power terminals

Slide19

Access Control Technologies

Keypad – something you know

RFID – something you have

Prox (125 kHz)

Smart Card (13.56 MHz)

Biometrics – something that is you

Fingerprint / Hand / Eye

Slide20

Access Control Technologies

| Technology | Advantage | Disadvantage |
|---|---|---|
| Keypads | No credential to carry | Security risk |
| RF Proximity | Building integration; better security | Requires physical credential |
| Electronic keys | Easier transition, familiarity | Management of electronic keys |
| Biometrics | No credential, nothing to recall | Acceptance, reliability |
| Remote control | Higher security | Less convenience |
| Standalone | Simplified setup – no software | No remote credential management |
| Networked – wired, wireless | Remote management | More complex install |

Slide21

Integrated Access Control

Access Control Reader and Electronic Lock in one product

No additional drilling or cutting required for access control reader

Slide22

Self Contained Electronic Locks

Access control and electronic locking in one product

Easy transition from mechanical keyed locks to electronic access

Keypad or RFID Card Options

Typically battery based solutions

Standalone – no software or networking

No real time monitoring

Sneakernet set-up

Some work with multi-point latch systems

Slide23

Integration With Existing Building Physical Access Control (PAC) System

Utilizes existing infrastructure

Same software that controls access to the building front door controls access to rack doors

Building access credentials can be used at rack level

Adding capacity to building PAC system can be costly

Wiring needs to run from each cabinet to building PAC system panel

Slide24

Independent Networked Access Control System

Systems specifically designed for rack level security

Have their own software and user interface

Building access credentials can still be used at rack level

Some communicate with existing PAC system to share credentials and transactions

Some are bus based, some are network appliances

Slide25

Electronic Access Retrofit Install

New build vs retrofit

Existing panel preps

Warranty (no drilling / cutting)

“Electronic Deadbolt”

Access control reader & wiring integration

Mechanical Override

Slide26

Case Study – The Challenge

Remote “dark” data center

Leased facility

Third party security

Several groups within organization need access to cabinets

Outside maintenance technicians need access to cabinets

Several different cabinet types

SOX / PCI Compliance Requirements

Concerned about the cost / time requirements of providing visitor escorts

Access provided locally and via remote help desk

Slide27

Case Study - Solution

Implemented a bus-based Independent Networked Access Control system

Lock retrofit kits to work on all existing cabinets without cutting or drilling

Local access via end of row controller

Remote access and credential management via internet (IP camera system)

Audit trail reporting capability for SOX and PCI compliance

Know what each visitor is doing while in the data center

Slide28

Summary

Electronic access solutions at the rack provide the ultimate protection of data integrity

Select from basic standalone to fully IP based networked solutions

Electronic lock is the most critical element

Flexible electronic locking devices can be integrated with any remote access control system

Retrofits require appropriate planning for wiring and lock install

Slide29

Thank you

Mike Fahy

Business Development Manager,

Electronic Access Solutions

Southco, Inc.

Tel: (1) 303-561-4900

mfahy@southco.com

www.southco.com

