'Nothing Ever Happens Here' - Layered Security For Corporate Facilities
Other News Subscribe to FREE newsletter | Oct 11, 2021 |
At one time, corporate security focused on C-suites and front-door access control at the headquarters. But as workplace violence continues to evolve, more corporate settings are adopting a layered security approach to multiple levels of a corporate facility鈥攁nd applying it to a wider range of their facilities.
鈥淲e saw this a little bit in the past,鈥 says Total Security Solutions CEO Jim Richards. 鈥淏ut just as many companies are thinking more about employee health and well-being, we鈥檙e also seeing increased interest in layered security solutions that protect a wider group of employees.鈥
There Haven鈥檛 Been Thieves at Your Data Center鈥擸et
Data centers are a good example of a facility that gets forgotten about when it comes to security. Until recently, these were safe simply by virtue of isolation. As Jim Richards has pointed out, 鈥淭hese are basically warehouses that are secured and climate-controlled, designed to hold a gazillion servers. They want to be off the beaten path, where utilities and land are cheap. Folks who live and work in these sorts of areas almost always say 鈥榥othing unexpected ever happens around here鈥. It鈥檚 very easy for that way of thinking to drift into a false sense of security. Because there鈥檚 no reason it couldn鈥檛 happen here, just that it hasn鈥檛 happened yet.鈥
OFFICES AND DATA CENTERS INCREASINGLY ADOPT LAYERED SECURITY STRATEGIES
And as data and hardware have become more valuable鈥攁nd the collection and use of that data more politically charged鈥攖hose previously unexpected things have started happening, with increased frequency.
In some of the earliest cases, thieves targeted the same Chicago-area server hosting company four times between 2004 and 2008. Attackers slipped through a poorly secured doorway on one occasion and circumvented security by breaching a wall on another. In at least one case, they assaulted a lone IT worker and took him hostage while they hauled away thousands of dollars in equipment.
By 2011 thieves had targeted Vodafone and Verizon data centers several times. They stole equipment (likely for resale) and caused large mobile phone service outages in the process. Thieves have also plundered both expensive hardware and sensitive user information from streaming video services. In 2015, a thief forced his way into the server room of children鈥檚 charity Plan UK. He took five servers containing information on 90,000 supporters (including names, addresses, contact details, and banking information). And in 2018, authorities in Iceland arrested 11 people involved in a data center robbery ring responsible for stealing 600 servers worth almost $2 million.
Vigilance, Corporate Security, and Ideological Attacks
In 2021, the threat landscape for data centers evolved significantly. Soon after the January 6 insurrection at the U.S. Capitol, ideologically motivated threats of violence targeting Amazon data centers began to bubble up online.
In response, Amazon Web Services鈥 vice president of infrastructure operations, Chris Vonderhaar, emailed data center teams, warning them of threats targeting 鈥渙ur local teams and facilities, including our data centers,鈥 and urging them to 鈥淏e safe. Be vigilant鈥:
鈥淲e all need to [be] vigilant during this time to keep one another and our facilities safe. If you see something, say something鈥攏o situation or concern is too small or insignificant.鈥
As it turned out, these concerns were justified. In April federal agents arrested Seth Aaron Pendley. Pendley was at the Capitol on January 6 and brought a sawed-off rifle to Washington that day. Soon after leaving Washington, he began plotting to bomb data centers, targeting an Amazon facility. As the Washington Post reported, 鈥淸Pendley] shared hand-drawn maps of the Amazon data centers, with multiple routes in and out of the buildings.鈥 He ultimately sought to acquire C-4 explosives to use during his attack.
These instances reinforce the importance of layered security across all aspects of a corporation. While the data centers are not the corporate headquarters filled with people, they have just as valuable information and assets within them and should be protected and secure.
Layered Security for Data Centers
鈥淲e鈥檝e done security installations for global Fortune 500 companies, for visiting dignitaries. A data center is a lot less glamorous. But from a physical security standpoint, it can be really challenging: different points of entry, almost like governmental facilities,鈥 Jim notes.
鈥淵ou really need to look at the entire facility, think about all the reasons that place might be targeted, and think in layers if you want to protect the people working there. Increasingly, people seem to be whipping themselves into a frenzy about this issue or that one. There鈥檚 no way they can get at the CEO of Amazon or Facebook. So they are choosing new targets, ones that they have reason to believe are low-hanging fruit. 鈥攊s increasingly a key element for what was previously the 鈥榤ost boring鈥 place in most organizations.鈥
@TSSBulletProof #TSSBulletProof #bulletproof #healthcaresecurity #security #bulletproofglass
For other relevant searches, you might want to try: