R&M Data Center Handbook
R&M Data Center Handbook
R&M Data Center Handbook
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
www.datacenter.rdm.com<br />
3.5.5. Basic Protection and Security<br />
Ensuring data security – e.g. with backups and high-availability solutions – is not the only challenge that faces<br />
data center administrators. They also must make sure that the data center itself and the devices in it are protected<br />
from environmental influences, sabotage, theft, accidents, and similar incidents.<br />
Many of the following items were already mentioned in detail under the topic of “Security Aspects” in section 1.12.<br />
An overview of essential data center dangers and corresponding countermeasures is again provided here.<br />
In general, it is true that security in a data center is always relative. It depends, for one, on the potential for danger,<br />
and also on any security measures that were already taken. A high level of security can be achieved absolutely by<br />
means of extremely high safeguards, even in an extremely dangerous environment. However, protecting a data<br />
center that is located in earthquake areas, military IT installations under threat or under similar situations does<br />
have its price.<br />
It therefore makes sense for those responsible for IT in the data center to assess the potential of danger before<br />
beginning their security projects, and to relate this to the desired level of security. They can then work out the<br />
measures that are required for realizing this level of security.<br />
Threat Scenarios<br />
The first step in safeguarding a data center against dangers always consists of correctly assessing actual threats.<br />
These are different for every installation. Installations in a military zone have requirements that are different than<br />
those of charitable organizations, and data centers in especially hot regions must place a higher emphasis on air<br />
conditioning their server rooms than IT companies in Scandinavia. The IT departments concerned should therefore<br />
always ask themselves the following questions:<br />
• How often does the danger in question occur<br />
• What consequences will it have<br />
• Are these consequences justifiable economically<br />
But what elements make up the threats that<br />
typically endanger IT infrastructures and provide<br />
the basis for the questions listed above<br />
We must now list possible catastrophic losses<br />
in connection with this.<br />
Floods and hurricanes have been occurring with<br />
disproportionate frequency in central Europe in<br />
recent years, and, if an IT department assumes<br />
that this trend is continuing, it must absolutely<br />
make sure its data center is well-secured<br />
against storms, lightning and high water.<br />
Losses from vandalism, theft and sabotage<br />
have achieved a similar level of significance.<br />
High-performance building security systems<br />
are used so that IT infrastructures can be protected<br />
as well as possible. Finally, the area of<br />
technical disturbances also plays an important<br />
role in security.<br />
Picture supplied by Lucerne town hall<br />
Catastrophic Losses<br />
Our definition of the term “catastrophe” is very liberal, and we assign everything to this area that is related to<br />
damages caused by fire, lightning and water, as well as other damage caused by storms.<br />
The quality of the data center building plays an especially big part in resisting storms. The roof should be robust<br />
enough so tiles do not fly off during the first hurricane and rain water is not able to penetrate unhindered; the cellar<br />
must be sealed and dry, and doors and windows should have the ability to withstand the storm, even at high wind<br />
forces.<br />
At first glance, these points appear to be obvious, and also apply to all serious residential buildings – in fact,<br />
practically all buildings in central Europe fulfill these basic requirements. Nevertheless, it often makes perfect<br />
sense, for temporary offsite installations and when erecting IT facilities abroad, to take these basic requirements<br />
into consideration.<br />
R&M <strong>Data</strong> <strong>Center</strong> <strong>Handbook</strong> V2.0 © 08/2011 Reichle & De-Massari AG Page 75 of 156