Level 6 Data Centers: Best Practices in Security

There are four main types of data centers: enterprise, managed services, colocation and cloud data centers. In addition to storing, managing, and circulating data, data centers manage physical security systems, network and IT systems, power resources, environmental control and operational management. But what does all that information need? Security.

There are several levels to data center security, the highest level being Level 6. SEM devices are often part of a robust level six data security program, as seen in this Google data center video.

Level six data centers offer the utmost advances in modern data security to ensure that none of the data they store and manage gets into the wrong hands. Below we have broken down each security level and offer an inside peek at just how difficult they can be to hack.

  • Level one: Regardless of the kind of data center, the first level of security is the physical property boundaries surrounding the facility. These property boundaries typically include signage, fencing and other significant forms of perimeter defenses.

  • Level two: Once the physical boundaries have been bypassed, the next level is a secure perimeter. Here, someone can enter through the main entrance and be met by 24/7 security guard staff, comprehensive camera coverage, smart fencing and other perimeter defense systems. Once someone has entered the second level, the company’s security personnel have eyes on their every move.
  • Level three: Level 3 allows physical entry to the data center…well, kind of. Even though someone may have been granted building access, they are still nowhere near the data center floor. This level requires a security search of everyone entering the data center. Employees entering the facility must provide company-issued identification and complete a scan to confirm identity. Additionally, most data centers only allow one person through a door at a time to ensure that only approved personnel may enter.

  • Level four: Level four houses the security operations center (SOC). The SOC is often referred to as the brains of the security system as it monitors the data center 24 hours a day, seven days a week, 365 days a year.  The previous layers of security discussed above are connected to the SOC and monitored by a select group of security personnel.

  • Level five: Level 5 is the data center floor – finally! This is where all the data is stored. When here, security is much stricter and only a small percentage of staff have access to this level; typically, only technicians and engineers so they can repair, maintain or upgrade equipment. Even on the floor, technicians and engineers only have access to the devices, but not the data itself, as all the stored data is encrypted.

  • Level six: This is where all the fun happens. And by fun, we mean destruction. Security is at an all-time high with even fewer personnel having access. If a device needs to be destroyed, there is a secure two-way access system of sorts, which can vary depending on the facility. Explanation: one person drops off the device and another person takes the device to be destroyed. This is crucial to maintaining data security protocols, so only technicians assigned to the destruction room have access to the devices. It is the role of the technicians in this room to scan, degauss (magnetic media only) and destroy the retired devices.

Leaving the data center is a process just as intensive as entering. Everyone leaving the floor is subjected to a full-body metal detector and makes their way back through each of the previous levels. This is to ensure that no one can leave with any devices, and each person that has entered can be accounted for when leaving.

When destroying, it is NSA best practice first to degauss the device if it is magnetic media. This offers the most secure method of sanitization. SEM degaussers use powerful magnetic fields that sanitize magnetic tapes and hard disk drives (HDDs). It is this act alone that renders the drive completely inoperable – which is the goal. Not even the most skilled of hackers will be able to get any information off the drive, simply because there’s nothing left on it!

The next step is the physical destruction of the drive/device. This can be done by the act of crushing and/or shredding. Combined, degaussing and destroying ensure that no information is susceptible to getting stolen and offer the best security in destroying your end-of-life data.

Hackers do not discriminate. So regardless of the industry, purchasing in-house, end-of-life data destruction equipment is well worth the investment simply because it is impossible to be confident that all data has been destroyed otherwise. In addition, this can potentially save the company more time and money in the long run by preventing breaches early on.

At SEM we have an array of various high-quality NSA listed/CUI and unclassified magnetic media degaussers, IT crushers and enterprise IT shredders to meet any regulation – including Level 6! Any one of our exceptional sales team members are more than happy to help answer any questions you may have and help determine which machine will best meet your company or federally regulated destruction needs.

Brought to You by

What’s Hot on Infosecurity Magazine?