ACCESS CONTROL MANAGEMENT SERVICES
When a company colocates its servers and other hardware with a data center, it wants to know that the facility will do everything in its power to keep those assets safe from unauthorized access. That’s why access control in the data center should be built into its approach to physical and logical security measures to ensure that the facility maintains high degrees of visibility and control over who is handling colocated assets.
Best Practices for Access Control in the Data Center
-
Keep Access Lists Up to Date
-
Implement Multi-Factor Authentication
-
Adopt a “Zero Trust” Philosophy
-
Use Interlock Checkpoints
-
Track Assets With DCIM Tools
Types of data access control
Organizations have to select a data access control policy that will best meet their requirements. There are four types of access control systems set apart by how the permissions are assigned to users.
Mandatory access control (MAC)
This access model makes use of a central authority to assign access rights to all employees. The administrator classifies system resources and users based on their risk level and access requirements. The access to resources is based on the privileges that the user possesses.
The MAC model provides a high level of data protection and is used by government agencies to secure highly classified information. While it provides a high level of protection, the MAC model is difficult to set up and use, which is why it is usually used along with other access models like discretionary access control (DAC).
Discretionary access control (DAC)
In a DAC model, the data owner decides who is eligible to access their data. The owner sets policies that determine who is authorized to access the resource, which gives this model more flexibility and makes it perfect for small to medium-sized organizations. Also, this model is the least restrictive, as the owner has complete control over their files. The lack of a central authority makes this model hard to manage, as the ACL of each file has to be checked in case of any discrepancy.
Role-based access control (RBAC)
The RBAC model is the most widely used control mechanism, as it aligns with the role and needs of every individual in the organization. It uses the principle of least privilege (POLP) to assign privileges based on the needs of an individual's role in the organization. Any user attempting to access data outside their scope is restricted.
Cables and Wires
AC/DC power, ground, copper and fiber optic are the main types of network cabling used in data centers. The interface that is available on the equipment used in the data center is the primary means for determining which type of cabling should be used. The network data cabling may also be selected based upon the bandwidth requirements of the equipment being used in the data center.
