rocket
domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init
action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/rahi_io/wp-includes/functions.php on line 6114While most discussions of IT security focus on logical controls, protection of the physical data center infrastructure is becoming increasingly important. The European Union (EU) General Data Protection Regulation (GDPR), which goes into effect next May, illustrates this point.
The GDPR is a strict new law governing the security and privacy of the personal data of anyone living in the EU. Although it is designed to standardize data privacy legislation across Europe, it has significant implications for companies around the world. It applies to any organization — regardless of its size or location — that collects and stores the data of EU residents.
The regulation mandates that all organizations know exactly where every instance of someone’s personal information is located and “implement appropriate technical and organizational measures” to ensure the protection of that data. Among the minimal organizational measures is ensuring the physical security of the premises where data is stored.
The GDPR isn’t the only regulation mandating physical data center security. For example, the Payment Card Industry Data Security Standard (PCI DSS) requires that organizations restrict and monitor access to any facility that houses systems used for storing, processing, or transmitting cardholder data. HIPAA prescribes “physical measures, policies, and procedures to protect a covered entity’s electronic information systems and related buildings and equipment, from natural and environmental hazards and unauthorized intrusion.”
Most data centers have implemented physical security measures such as electromechanical door locks, smartcard or biometric access controls, and video surveillance systems. As with all IT security issues, however, humans are the weakest link. Data thieves can gain entry by “tailgating” behind employees or posing as building maintenance personnel. Malicious insiders who have the freedom to roam through all parts of the facility can gain almost unfettered access to IT systems.
When it comes to security and regulatory compliance, organizations are rightfully concerned about firewalls, intrusion prevention systems, and other logical controls. However, the most sophisticated security tools are useless if cybercriminals can enter the data center facility and access or tamper with the equipment. As organizations prepare for GDPR compliance, they should take a hard look at their physical security strategies and infrastructure, and implement policies and procedures for keeping intruders away from sensitive data.
Let our experts design, develop, deploy and manage your requirements while you focus on what's important for your business