NAME :

PUSHPLATA UPADHYAY (WRO - 0504046) 8286787087

CENTER: KIRTI COLLEGE DADAR(W)

BATCH TIMING: 12:30 4:30 BATCH COMMENCEMENT: 1st july 2013

Definitions
Data is any type of stored digital information.

Security is about the protection of assets.

Prevention: measures taken to protect your assets from

being damaged. Detection: measures taken to allow you to detect when an asset has been damaged, how it was damaged and who damaged it. Reaction: measures that allow you to recover your assets.

Definitions continued.
Confidentiality ensures that that data is only read by

the intended recipients. Integrity ensures that all of the data has not been corrupted from its original source. Availability guarantees that the data is usable upon demand. Accountability is audit information that is kept and protected so that security actions can be traced to the responsible party.

DATA CENTER SECURITY:

ALWAYS A MAIN CONCERN

When it comes to what customers value, data center security tops the list.

Of course power, cooling, connectivity and other features play an important roles in evaluating Data center performance as well. But any defects in physical security can have devastating effects.

Security measures can be categorized into four layers: Perimeter security

Facility controls Computer room controls

Cabinet controls

Perimeter security
Facility controls Compute r room controls

Cabinet controls
The four layers of Data Center Physical Security

OPTIMUM PHYSICAL SECURITY: LAYERING IS THE KEY

The most sound and strategic way to reach optimum physical security is to design and manage your data center in terms of layers.

Layering creates depth in your physical protection

structure. It helps to confirm failure of one element in the system will not create vulnerability in the whole system. The inner layers also help prevent malicious or even unintended data breaches from employees.

WHY INNER LAYERS ARE IMPORTANT

Even though the concept of physical security layering obviously makes unwanted entry originating from outside a data center facility more and more difficult, inner layers also help mitigate insider threats, which are often ignored. Consider the following survey.

Even though the insider threat can be the most elusive, physical security within the inner layers of the company, such as computer room and cabinet controls, can help secure the heart of your data. Various technology and security assets can be positioned to: Track people Limit unauthorized employee access to high-priority areas Provide an audit trail of personnel access Integrate with video to provide a record of an attempted breach.

FIRST LAYER: PERIMETER SECURITY

The primary goals of the first layer of data center protection-perimeter security: A perimeter fence equipped with sensors can serve as the first detection point for intrusion. The perimeter fence detection system can be integrated with Intrusion alarms. Limited access control points. High-definition video surveillance and Motion-activated securitylighting. Security personnel will then be able to pinpoint an intrusion and immediately access the networks security system.

SECOND LAYER: FACILITY CONTROLS

The goals of this secondary layer of protection are to further restrict access if a breach has occurred at the perimeter. Indoor surveillance for identification and monitoring, as well as multiple ID verification methods are a must. By using visitor management and high-resolution video surveillance systems, facility controls measure, monitor, and restrict access to the building.

Third Layer: Computer Room Controls

The goals of the third layer of physical security are to further Restrict access through multiple forms of verification Monitor all authorized access and Have redundant power and communications.
There are three basic methods for verifying someones identity: Possessing or carrying the correct key or token. Knowing predetermined private information, such as a password or personal identification number (PIN) Providing information that is inherent and unique to that individual, including the use of biometric devices to verify finger and thumb prints, irises or vascular patterns.

Fourth Layer: Cabinet Controls

The fourth layer is particularly important and effective in minimizing the significant and often-ignored insider threat discussed earlier.

Types of Locking Hardware

REFERENCES
[1] Jessica Silver-Greenberg, New York Times, Business Day, After a Data Breach, Visa Removes a Service Provider, 1 April 2012

[2] Cyber-Ark survey of 600 financial industry workers in New York and London via InformationWeek and Actimize surveys.

Thank you!
I very much appreciate your time and interest.