Part I: Getting In
My job as an IT (Information Technology) consultant affords me some unique opportunities. For instance, the other day, I had to go to a hosted data center to install some servers for a customer. I realized that the inside of a data center is something that most people may never see, so I thought I would give some description that might be useful to writers—or potential criminals. (Funny how the interests of those two segments of society often overlap.)
First of all, what is a data center? Fundamentally, it’s a big room, filled with servers. (If you’re asking at this point, “What is a server?” you probably aren’t going to write about a data center, and you can skip the rest of this article.) In today’s online world, data centers are the physical repository of enormous amounts of very valuable data.
In a smaller company, the area where the server or servers are located is usually called a server room, and lacks much of the sophistication that makes a true data center. A large company may have one or more data centers within their office buildings; this is a private data center. Most data centers, however, hold more than one company’s servers. These are known as hosted data centers or co-location spaces. Data Centers (private or hosted) are also called server farms. Size-wise, they are measured in thousands of square feet.
A hosted data center is a facility where many different smaller organizations keep their servers. The hosting company provides (at a minimum) physical security, power, cooling, rack-space (more on that later), Internet connection, fire suppression, and physical access when necessary. The differences between hosted and private data centers are minimal, although specifics of each can vary widely. I will focus mostly on hosted data centers in this article, and I will compare one that is top-of-the-line with another that is less so.
External environment: Data Centers are generally located in industrial parks. They are often nondescript buildings with few windows. A top-notch data center will be isolated from other buildings (to prevent fire or flood in another office from spreading to the data center) and will be often isolated from its own parking lot (to prevent people from driving cars into the building in order to force entry). A less-secure data center may lease space in a larger building. The top-notch data center I visited the other day has a thirty-yard path from the parking lot to the main entrance, which snakes through a lovely patch of natural foliage. Another data center I know of simply has a couple of bollards outside the front door, which opens into the parking lot.
Gaining Entry (Through the Front Door): A very secure data center will have a single point of entry. The one with which I am familiar has a “man-trap” (air-lock style) double door system at the front. You enter through the first glass door into a small entryway. Through the second glass door, you can see the guard desk. A guard must buzz you in before you can enter the second door. (I presume the outer door must be closed before the inner one will open, but I’m not sure.) The guard desk is located in a lobby area, with comfortable chairs, fake flowers and marketing flyers. Without authorization, that’s as far as you can go. There isn’t even a bathroom in the lobby. There’s no way to get out of the guards’ sight other than to leave the building.
Behind the guard desk is a glass wall. Behind that, is a hallway that connects to the rest of the building. You get in only if you have been pre-authorized by a company that rents space in the data center. (The customer can do this through a secure Web site or by calling the data center support number.) You give the guard some ID (driver’s license) tell them which company you’re with, then fill out a form stating why you’re there (to install a server, perform maintenance, etc.). Once they confirm you are authorized to be there, they give you a credit-card-sized RFID badge and let you in the door.
If you’ve never been there before, someone may show you to the data center floor. Otherwise, you’re free to get there on your own. The top-notch data center where I have been has a kitchenette and restrooms down the hall from the main entrance. This is for the convenience of the employees and also for the customers and contractors, who may be there for many hours, on successive days. This is as good a place as any to mention that a data center operates 24x7. A contractor may need to get in at any time to replace a failed hard drive, or some other such task.
Lower-end data centers may have a less-formal entry procedure, and may rely on on-site technicians instead of guards to authorize entry.
Gaining Entry (Through the Back Door): Data Centers are full of big equipment (battery arrays, server cabinets, etc.) and none of it comes in through the front door. That’s why there is a loading dock. The top-notch data center I’m referencing has surprisingly lax security at the loading dock.
Obviously, one can drive right up to the loading dock, or it wouldn’t be of much use. Technically, anyone who enters through the loading dock is supposed to have signed in at the front desk, but, as long as one person goes in through the front, it wouldn’t be tough to have someone drive around and meet you at the back to help you unload. I’m pretty sure that the data center employees are supposed to stay in the loading dock area as long as anyone else is there, but there are no guards. Movement between the shipping area (just inside the loading dock) and the rest of the building is restricted by key card.
Employees: Before I move on to the heart of the data center, I would like to make a note about the employees. Hosted data centers are companies, just like any other. Single-site data centers (and private data centers) will have offices for marketing and sales and purchasing and all the other people who make a company run. Other data centers have multiple sites around the country or the world. These sites will typically have only guards and technicians. The guards have an extremely boring job. (I asked one.) Very little happens, other than the sporadic checking in of customers and employees. Since almost everything can be done remotely, customer visits are infrequent. The guards may or may not be armed. And, they may or may not be friendly.
The other employees are technicians. They are responsible for monitoring and responding to problems with temperature or Internet connections, or other services the data center provides. They will also act as “hot-hands” to physically reset a piece of equipment for a customer, so the customer doesn’t have to travel on-site just to power-cycle a switch. These guys are hard-core IT geeks. They are denizens of the data center—territorial and lacking in social skills. OK, not all of them, but most of the ones I’ve met are.
Stay tuned for Part II, The Heart of the Data Center.
Nice blog..... They act as “hot-hands” to physically reset a piece of equipment for a customer, so the customer doesn’t have to travel on-site just to power-cycle a switch.
ReplyDeleteServer Cabinets