25 February 2019

Securing your internal critical infrastructure is only half the story

By George Dionisopoulos - Head of Security & Customer Service

Security is a topic we take seriously at NEXTDC and as such plays an integral role in the solutions we deliver as one of Australia’s most trusted data centre providers. Here at NEXTDC we live and breathe security, so much so, it forms one third of our brand promise to power, secure and connect our customers 100% of the time. We pay particular attention to the needs of our customers, as we do to the critical infrastructure that we build to support their data centre space.

Every IT strategy is only as good as the infrastructure it’s surrounded and secured by. If your mission critical infrastructure is left vulnerable as a result of its physical surroundings, the integrity of your business is on the line. When building a comprehensive security strategy for a highly redundant hyperscale data centre such as ours, it needs to be carefully planned and built from the inside out. The thought and investment that goes into our security infrastructure comprises several multi-layered security systems and protocols to ensure that our customers critical IT infrastructure is always safeguarded and protected.

Front of house secure access at NEXTDC

In my 15 years’ experience in the industry, I have witnessed first-hand the evolution of security, evolving from purely a physical form into a complex, multi-layered virtual-based model designed to push the boundaries and deliver an unprecedented level of protection – which is an ethos every one of us embody and challenge ourselves to champion every day.

When deploying the rigorous and complex security protocols that our world-class facilities champion, there is a lot of planning and tactical methodology behind it. I have often been asked what it takes to make a data centre secure, and the answer is never simple or straight forward. The reason being is that there are a number of aspects that need to be considered when building and implementing a security model that will stand up to any event and allow us to respond immediately.

Our security measures that are replicated across our national footprint have been designed and built to the country’s highest security standards. But what does that really mean for customers? It means that this federated model allows NEXTDC to operate in a standalone environment (if ever required), ensuring our security environment is maintained at optimal levels in the event of a threat or incident that requires our team to be on heightened alert.

Every NEXTDC data centre utilises a two-factor authentication system. Every facility is stringently secured with a multi-layered access system with individual authentication using combined biometric fingerprint technology and ID access cards (IDACs). For our customers, this means there is no way their identification or access can be cloned or duplicated. Biometric technology makes it impossible to “recreate” a physical fingerprint – maintaining our position of offering the highest level of security and instilling confidence in our customers that their most important infrastructure is secured at all times.

NEXTDC biometric fingerprint access

In addition to the biometric technology, our data centres come further secured with another safeguard mechanism, our ballistic-rated Gunnebo security portals. Our Gunnebos play an integral role in our security strategy as they enable us to monitor access in and throughout our data centres. With the excessive weight detection system, this safeguard mechanism reduces the risk of allowing unauthorised entry to a second person wanting to enter the facility at the same time. This technology is only one example of how we have thought about our customers and their needs to house their data and infrastructure within a safe and secure data centre like NEXTDC. A physical security breach to a customer’s space could result in irreversible reputational damage, impact on future opportunities and the ability to retain existing customers. It’s lucky for us that by utilising several applications within our security architects’ models has allowed us to add to the level of deterrence we offer.

NEXTDC M1 secure entrance

Each data centre is equipped with over 200 internal and external security-cameras, NEXTDC facilities are manned 24 hours x 365 days by our Security and Customer Success Teams. We won’t compromise on the things that matter most, therefore every person you see onsite at a NEXTDC data centreis a NEXTDC employed staff member. Every employee is put through a rigorous security screening process which involves a full credential and police background check. This gives our customers additional peace of mind, knowing we have the right people at the right time always on hand to assist our customers. Our management services portal ONEDC® has been designed to allow our customers to customise access for their authorised personnel including nominated contractors, IT service providers and technicians as well as provide visibility to full audit logs containing dates, times and the names of the people accessing your rack.

24x7 CCTV high definition imagery

Deploying a bullet-proof multi-layer security strategy is only one third of the story. Reporting on its effectiveness and continuously auditing and refining it cannot be discounted. Reporting and auditing our security measures is not a task we take lightly. Not only is it imperative for NEXTDC that we report and pass our internal audits 100% of the time, we work closely with our customers and partners who require the same level of detail in order for them to demonstrate the physical security of their critical infrastructure. Every year we actively work with our Enterprise and Government customers, carrying out over 50 audits annually, clearly demonstrating compliance in line with their stringent security criteria which is required to be fulfilled in order for them to comply with regulatory and governance requirements.

As we move forward and embark on our journey of building our third generation data centres which will be designed and built to stringent Government security standards, we have already begun planning for the future through the continued evolution and advancement of our current security model to maintain our position of Australia’s most innovating and secure data centre provider, offering the highest level of stringent security to our customers 100% of the time.

If you would like to know more, or ensure your critical infrastructure is protected in world-class facilities, contact us.