Overview of physical security and environmental controls
Security is normally an area that is usually very broad based owing to the fact that there are many ways through which it can be implemented and enacted. One of the ways through which it can be enacted is through the development of security policies. Another aspect of security is the physical security. This is where security is implemented physically and through actions.
Environmental control and especially in our working environments is also another aspect that should be taken with much affirmation since our places of work should also be environmental friendly.
HVAC: In most data centres, this is an abbreviation that one will not miss and it stands for Heating, Ventilating and Air Conditioning. This is a system that plays a very important role in keeping the environment at a constant temperature. This is a very complex system that calls for high level engineering and science and one can barely design it by one's self. It is also important that the HVAC system is properly integrated into the fire system so that in case of a fire, the cooling system does not circulate oxygen to feed the fire. In terms of the Heating, Ventilating and Air Conditioning perspective, one's data centre should be separate from the rest of the building. With overheating being a huge issue in a data centre, one need to ensure that such temperature changes to not affect the whole building but only the data centre section.
There are also other systems known as closed-loop systems and positive pressurization. In the closed-loop, the air in one's building is in constant recirculation hence no air from outside is pulled in to cool the building. The positive pressurization means that when one open the door, air inside the building will rush out automatically especially in cases of a fire and one want to get rid of the smoke.
Fire suppression: When working in an environment where there are many computers and power systems, it is evident and vivid that water must not be of any close proximity. This means that in such an environment, one should have very little fire suppression systems that rely on water.
Fire detections is also very important since it provides a good basis of the probable cause hence making it easier for one to supress it. One should make sure that one has smoke, fire and heat detectors installed in one's data centre.
When one is planning to take care of a fire with water, there are different methods that one can use. One is the dry pipe method where the pipe that has one's water is completely dry and in case of fire detection, the pipe fills up with water to the appropriate pressure and puts out the fire. The wet pipe method is one where one can immediately discharge the water in case of a fire alarm. There is also the preaction suppression method where the pipe where the pipe is filled with water and has the appropriate pressure but won't turn on until the temperature hits a certain amount making this system to go into effect.
Fire suppression can also be done with the use of chemical that are environmental friendly. This means that there are many fire suppression options apart from water.
EMI shielding: Electromagnetic interference is a common problem that occurs when we put many computers very close to each other. For instance, if one places a radio near a computer, one may realize that there is some electromagnetic interference radiating through the heat sinks, circuit boards and cables among other interfaces that are directly in the computer. If one open up a computer, one realize that there is a lot of metal shielding that may be on the case itself or either wrapped around the computer itself so as to prevent some of the electromagnetic interference from getting into one's environments. The metal shielding should not be removed at all costs since it prevents the radiated signals from getting into other components and devices that could be in one's environment.
Hot and cold aisles: When talking about hot and cold aisles, we generally refer to the manner in which our data centres are engineered; that is in which rack and what directions we put our servers. For instance, if one look at one's data centre, one may see servers arranged in different racks and on with raised floors underneath. It is underneath the raised floors that we have cold air moving in and blowing up into openings in the floor. Through this, the cold air is pulled into the racks of the servers by the fans and pushes it through the system. There is also the back of the server where all the hot air from the server is coming out, moving to the top of the building and then pulled below by the air conditioning systems where it is cooled. When designing this for maximum optimization, we should have cold aisles where all the cool air is being pulled through and hot aisles where the hot air from the computer systems can be sent to the top of the building for recirculation.
Environmental monitoring: After all environmental control systems have been set up such as cold and warm isles; it new becomes our responsibility to make sure that we establish whether our installation is having the actual effect on the temperature. So as to know if there is any effect occurring, we have to monitor the temperature over a period of time so as to make sure that whatever we are cooling is working properly and functional. For instance, one should ensure that if one increases the temperature, it will not result into an increase in the costs one incurs.
In most cases, one only turn on and off the cooling systems without necessarily keeps track of any changes. In this case, it is important that one obtain a thermometer that one can constantly watch and monitor. In addition, one can use it to keep track of information such as humidity and daily temperature changes.
With the help of such a thermometer, one should witness different temperature patterns for the different time intervals. One may also find out that different periods of the month have different temperature recordings which could depend on the level of CPU utilization. A higher CPU utilizations means more heat generated. With these logs available, one might later look into them and make some analysis on the working of one's cooling system for instance determine if there is proper amount of humidity in one's environment.
Another aspect of environmental monitoring can be video monitoring. In this case, one might decide to have one's own closed-circuit television which is an in-house component one can use to capture videos and data from one's cameras. With such video devices, one can protect one's assets. This is a common feature in shopping malls and supermarkets.
When setting up such cameras, one should take into account their location. One can decide to locate them inside one's building to monitor one's assets and also outside so as to monitor people in the parking lot. One should also consider the size of the area to monitor since there are cameras that offer a large field of view while others offer a small field of view. One should also consider the lighting of the place to monitor. If the area has less lighting, one might want to install special type of cameras that can monitor even with a low lighting system such as during the night.
One should also make sure that one's video monitoring system has a proper integration with other security monitoring systems and devices so as to make sure that one's video system works properly with other intrusion systems for proper capturing of information.
Temperature and humidity controls: Temperature in a data centre can be quite a challenge. This is in that when one's systems get too hot they might crash, and when they get too cold, then one might waste a lot of money with one's cooling system. Most of the data centres are normally very cold contrary to a Google recommendation to have an 80 degrees measure in the cold aisle which will optimally work for all one's systems.
Humidity on the other hand refers to the amount of moisture in the atmosphere. Too much moisture in the air could lead to corrosion of one's systems and therefore having cooling systems helps in removal of such moisture. If the humidity is too low, one might experience some static discharge which can be dangerous to one's computers and other sensitive electronic components.
Hardware locks: Hardware locks are among the most common physical security components. These are devices that are present on all doors. In most cases, this physical security aspect uses the whole and key mechanism where a key is required to open up the lock. However, in other cases, a key may not be necessary.
Mantraps: Mantraps are other special security enforcement methods. These systems are designed to detect illegal access of an area and they automatically initiate a lock of all the entrances so that the trespasser does not leave the room and hence some sort of trap is developed.
Video Surveillance: Video surveillance is an aspect of physical security where surveillance cameras are installed in various places either inside or outside a building. With these cameras, all activities happening are captured and displayed on a special type of screen for supervision. Video surveillance is considered very effective since it provides all- time security surveillance either during the day or at night. One disadvantage is that this form of security relies on the presence of power and hence a power outage can lead to loss of the surveillance.
Fencing: Fencing is another form of physical security. This involves having a perimeter barrier erected around an organization or company. Through this, unauthorized entry of people and animals is limited. This means that an individual seeking access to the area that has been fenced can only use the authorized entry point which in most cases is usually the gate.
Proximity readers: Proximity readers are some special type of devices that are able to establish the distance an individual is from a restricted area. With such readers, an approaching individual is detected and all his or her activities can be monitored. Once the individual gets to the restricted area, the readers can raise an alarm so as to draw the attention of security personnel.
Access list: An access list is a manner in which security is enforced inside organizations. In this case, there are usually special lists that are compiled giving a clear outline of the people who should access a particular facility or section in the organization. For instance, one can have an access list at the entry point of a server room so as to ensure that only the permitted database administrators can gain access to it.
Proper lighting: Proper lighting is also another way of enhancing security. This mainly applies in open places such as streets where many people carry out their daily activities. With proper lighting, all activities can be monitored for security purposes.
Signs: Signs can also be used as a physical means of enforcing security. In most cases, the signs normally appear in the form of warnings. For instance one can have a sign prohibiting the access of a particular section of an organization. Such signs are normally very distinct and can be seen from a distance.
Guards: Guards are individuals employed to man a particular area. These are individuals entitled with the responsibility of making sure that there proper security. They are people who can be stationed at different places such as gates, door entrances and exits. Apart from monitoring activities happening, the also carry out inspection on people and vehicles getting in and out of any premises.
Barricades: Barricades are barriers that inhibit the accessibility of a particular area to people or vehicles. In other cases, they can be used to bring permanent closure to a particular entrance.
Biometrics: Biometrics is among the latest technology to enforce security. These are devices that are made to recognize a finger print, the eye or even make some facial recognition so as to allow one to gain access to a particular area. They are usually installed on doorways. They are fed with information of only those people allowed to access the building.
Protected distribution (cabling): Cabling is another aspect of security enhancement. In most cases, most of the cables normally carry some electric power hence making them ideal for an electric fence. The cables are always live and therefore an attempt to penetrate through them can lead to electrocution.
Alarms: Alarms are special sound systems that are used to create the attention of security personnel in case of a security breach. Alarms can either be automated while others are manual and only ring when powered on.
Motion detection: Motion detectors are highly sensitive devices that have a very high capability of detecting the slightest motion in a building. Such devices are usually installed in places where access is completely restricted such as bank safes.
Deterrent: This is a security control measure where there access to an area is false fully restricted. This means that access cannot be obtained at all costs.
Preventive: Preventive control is a method where all the necessary security measures are taken in advance so as to avoid an instance where an individual can gain access to a building without the awareness of security personnel.
Detective: Detective control is where all the security personnel in an organization rely on security intelligence through carrying out various investigations and research.
Compensating: Compensating control comes in where a particular organization decides to utilize a particular security enforcement strategy that can cover up for many other security enforcement practises. In this case, one can use an alarm system that can be used in case of a fire, security breach among other reasons to call for alarm. This means that many security issues can be handled using the same device.
Technical: Technical control entails carrying out some security analysis so as to have an effective security system. This means that there has to be well calculated time intervals between security switches so as to ensure that security is still in force even with the absence of security personnel.
Administrative: Administrative control is where a specific individual is allocated a specific security area to handle and manage. The different security sections in an organization are managed by different people hence bringing some order in the execution of security policies.
Basically, a well dynamic and vibrant security system is crucial for top protection of every aspect in an organization. It is for this reason that security must be given an upper hand in terms of seniority and also funding.
On the other hand, the environment in which many machines are operated should also be one that is ideal and provides all the conditions for efficient running of the machines.