Data Center

Cabinet Access Control—Deployment Considerations

Michael Salvador

We've blogged about the importance of cabinet-level security in the data center due to the potential for internal threats. If you’ve realized the importance of bringing security down to the cabinet level and are planning to deploy a cabinet access control system, there are many features to consider when evaluating solutions.

Flexible & Scalable

Data Center Technician Entering Security Keypad

When evaluating access control systems for data center cabinets, ensure the system is flexible enough to meet your specific requirements. For example, in pod-based data centers where rows or groups of cabinets are segregated by function, access to a group of cabinets vs individual enclosures may be necessary. Additionally, separating front and rear cabinet door access to accommodate different teams accessing the front and rear of equipment.

 

Look for a scalable solution designed to accommodate and support additional cabinets. Centralized IP-based systems that reside on the network are ideal for supporting access control for any number of cabinets or groups of cabinets across multiple data center locations. 

 

Secure Enough

Keyed cabinet systems are not always the most secure option. Not only can locks be picked, keys are often misplaced, copied or shared, and in the event of a security breach,  it can be challenging to know who used the key. Consider smarter systems such as card-access or biometrics that offer higher security and the ability to record access attempts.

 

If you choose a card access system, more advanced smart card systems including iClass use higher frequencies and bi-directional communication for better security over standard low-frequency cards that can be easily duplicated.

 

If even greater levels of security are required, biometric systems (e.g., fingerprint scanning) requires a person to be physically present for authorized access, eliminating the possibility of access cards ending up in the wrong hands. Biometrics also enable a 100% indisputable audit trail. Another feature for high-security environments is dual-custody mode that requires two different users to be present to successfully gain access.

 

Manageable & Programmable

IP-based cabinet access control systems that are centrally managed via software are ideal for managing access to many cabinets across multiple facilities. Centrally managed systems can also receive and communicate access attempts and alarms in real time.

 

Make sure the system you choose can send remote alerts to designated staff. System features including the ability to remotely lock and unlock specific doors and place the system in full lockdown mode also offer advanced levels of security management. The software should also offer robust reporting capabilities—especially important for compliance with security regulations requiring regular reporting and auditing.

 

Other software features that can ease management include the ability to group cabinets into zones and establish user parameters. This allows for managing cabinet access based on specific facilities, groups of cabinets, user functions or access levels (e.g., in co-location centers, cabinet-level access could be defined based on tenant; technician access can be limited specifically to the rear; or user parameters such as time bands can be deployed to limit visitor access or employee shift times.

 

Centrally-managed access control systems should also be able to integrate and exchange information with other systems through SNMP or other open protocols. This allows for cost-effectively integrating the system with other security or data center management systems (e.g., DCIM) that may also exist within a facility.

 

For more about what to look for in a cabinet access control system, check out the Belden Smart Cabinet Access System available on all Belden X-Series enclosures for multi-media, servers and networking equipment.