Physical IT security: Onion approach for the data center

In this article you will read about,

• why physical security in data centers is just as important as cyber security,
• what advantages security zones built according to the onion approach bring,
• and why more and more data center operators are moving to the countryside.

Data centers are considered the "cradle of digitalization." Without powerful computing resources, neither the Internet nor the cloud would function – and therefore neither would apps, social media, or online stores. An outage would have far-reaching consequences for both the economy and social life. No wonder, then, that the operation of data centers requires special protective measures.

While IT security is concerned with defending against cyber attacks, physical security at the data center (DC) is about preventing unauthorized persons from gaining access and protecting DC operations against natural disasters such as floods and storms. But fire protection, power supply, and drone detection also play a role, explains Johannes Krafczyk, the T-Systems manager who oversaw the construction of the high-performance data center in Biere, in an interview.

What role do structural measures play?

We implement the division into security layers, according to the IT baseline protection of the German Federal Office for Information Security (BSI): External area, controlled internal area, internal and high-security area. In the latter, and thus at the core of the building, the data to be protected is located on high-performance servers.

The outer ring comprises the outdoor area including the security fence and central entrance to the controlled indoor area. There, pin code, key card, biometric identification, or a combination of several procedures determine which areas each individual person is allowed to enter: Who can only get as far as the truck delivery ramp and who can get as far as the locking system of a rack? All the doors and locks in the data center will only open if the security profile and authorizations are correct. The routes in the data center are clearly predetermined for each individual.

What else is important besides access controls?

Fire protection is another important point. Modern equipment and the associated processes ensure a safe operation and data availability. In Biere, we use early fire detection with aspirating smoke detectors – the so-called Very Early Smoke Detection Apparatus (VESDA). There is a sophisticated room design with self-sufficient fire protection cells that are fire-resistant for at least 90 minutes thanks to F90 quality. In addition, nitrogen gas extinguishing systems allow individual fire protection cells to be extinguished in an emergency.

If the sensors and cameras connected to our alarm system detect a fire, they automatically trigger the extinguishers and alert the nearest fire station so that emergency services can be on site within minutes. We regularly test all the solutions and processes pertaining to fire protection. Fire drills are also held at fixed intervals with the local fire department.

But a fire is not the only danger.

No. The physical safety precautions in our data centers also protect against outages due to natural disasters, such as floods, storms, and earthquakes. The structural requirements must already be taken into account when selecting the location and the necessary measures must be included in the construction plans.

Despite all the security mechanisms: If you want to play it completely safe, you should also opt for geo-redundant storage at another location, such as our new twin-core data center in Amsterdam.

What does a suitable location look like?

A good example is our location in Biere. The environment and infrastructure here are just right. You have to take a close look at these when making your selection: Is there a river that could overflow its banks? What about airport approach paths? Are there only county roads in the vicinity or also highways on which hazardous goods transports are permitted? Do utility lines or pipelines run under the site? Could an industrial area be built in the immediate vicinity? In addition, railways play a role in Germany. The system of electrified railways can have an impact on the technology in the data center. It is not so much the frequency used, 33 1/3 HZ, that interferes, but rather the traction return current to the transformer via the ground.

So, the site in Biere, just under 20 kilometers south of Magdeburg, was able to meet all these requirements?

Exactly. What's more, rural locations like Biere are in vogue. In recent years, we have observed an increasing retreat from the inner cities. If companies, providers, or investors want to build new data centers, they are increasingly drawn to the countryside, where there’s – at least for now – sufficient electricity infrastructure and land available, but they can also exclude certain threats. Urban infrastructures can have a negative impact on data center security. More can happen here, whether through traffic accidents or construction work during which cables are cut or wartime aerial bombs are found.

Nevertheless, there are a great many data centers in cities and metropolitan areas such as the Rhine-Main region.

There are also historical reasons for this. The first large data centers were built in the 1970s. Skilled workers who could operate these data factories were rare at the time and could only be found around universities. For this reason, the cornerstone was laid in 1974 for the VEB Maschinelles Rechnen (VEB Machine Computing), a so-called “Volkseigene Betrieb” or publicly-owned company, right next to the university in Magdeburg. Today, this site is home to one of T-Systems' high-performance computing centers.

However, the issue of skilled workers is no longer so crucial today. IT operations now require fewer staff, and many processes are fully automated and run remotely. At our sites in Biere and Magdeburg, an average of around 100 people are on site every day.

A secure infrastructure including a reliable power supply is important. In Biere, we have found the best conditions to implement the necessary protection and security concepts for a "Fort Knox for data." For example, the inner core of the data center is located around 70 meters from the nearest public road. The situation is different in the city: There, the wall next to a server might be directly adjacent to the road. In general, the large area in Biere brings more security, because the open spaces around the data center – unlike in built-up areas – are easier to monitor with sensors such as motion detectors and cameras.

Who is usually allowed to enter the data center?

Although IT operations are now largely automated, a large number of employees still keep everything running smoothly. Server clusters, racks, network components, storage appliances, uninterruptible power supplies, and fire protection systems have to be installed and regularly maintained, repaired, and replaced. The people assigned to do this must also be allowed to enter highly sensitive areas. Before they are granted access, however, they must be appropriately registered and vetted.

How is it determined who is allowed in which rooms?

This depends on the respective tasks and the function of the person. Operators of large data centers – including T-Systems in Biere – connect several Internet providers to give customers a flexible choice. This requires a handover: For example, the data must move from the provider's network to the Open Telekom Cloud. In Biere, this doesn't take place in the IT rooms, but in separate areas to which the technicians have access via a partitioned path system.

Is it possible to sneak other potentially dangerous things into the data center with the hardware?

There’s no such thing as 100 percent security. However, by combining various measures, we are able to achieve an extremely high level of security. For years now, it has been standard practice to screen packaging, and there is also a quarantine station for suspicious hardware.

It is not possible to penetrate the data center by land. But is it possible from the air?

Here we use drone detection. In Biere, signs on the fence indicate that we locate drones and hold the pilots accountable. Here, too, the rural location plays to our advantage. Unlike in densely populated urban areas, drones and pilots can be located more easily and quickly in open terrain.

The coronavirus crisis has recently changed working life in many areas. How is the pandemic actually affecting operations in Biere?

IT operations themselves are not affected by this. However, since the beginning of the pandemic, there have been no on-site meetings with customers. Furthermore, as is customary in large companies, we have coordinated our work shifts to protect against infection – the motto here being business continuity. For example, employees on different shifts are not allowed to meet each other in order to minimize the risk of infection. We have also expanded our spare parts stock so that we are not dependent on fluctuations in the supply chains. We learned this from the first lockdown in the spring of 2020, when small specialist companies had to stop production at short notice and could no longer supply data center equipment.