Growing data privacy regulations such as the Health Insurance Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), Federal Information Security Management Act (FIMSA), and General Data Protection Regulation (GDPR) are driving the need for more stringent cybersecurity measures, including closely controlled access to cabinets where servers and switches reside.
Cabinet-level security is the first line of defense in data centers' data protection and security policies—but, what has worked in the past is no longer adequate to meet the challenges of the future.
Actionable Considerations: Reassessing Cybersecurity Processes and Controls
When reassessing cybersecurity processes and controls, Information Technology (IT) teams should consider the following:
- Does IT have safeguards in place to control physical access to sensitive data?
- The access control solution should be easy to manage remotely
- Multiple layers of security, including dual-factor, biometric authentication, as employee cards or keys can be stolen and used by unauthorized users
- Is IT able to monitor who is accessing data both physically and remotely?
- The access control solution should monitor swing handle and door conditions
- The access control solution should alert in real time when a door is tampered open
- The access control solution should log and report every access attempt
- Does IT need to have an audit trail showing who has accessed sensitive data and when they accessed it?
- At the very least, the access control solution should keep logs of access attempts, but ideally, it should be paired with data enter infrastructure management (DCIM) software for more granular reporting and trending information
A Simplified Approach for Immediate Security in Remote Spaces
Emerging trends indicate security integration with the space of intelligent power distribution, providing a simple and effective solution for physical access control, power usage and environmental monitoring. Deploying one system also nullifies the need for a separate source of power or network to the cabinet's electronic swinghandle locks.
This integrated approach provides a single view and the ability to management power at each outlet and cabinet, monitor status of environmental conditions and control each cabinet access attempt with an audit trail report that is easily explored via a user-friendly web interface—a documentation requirement by the key privacy regulations listed above (HIPAA, PCI-DSS, FIMSA and GDPR).
To learn more about enhancing security in remote spaces, read the full article. You can also watch the video below.
Brittany Mangan, Digital Content Specialist