Data centres have always been secure, tightly controlled facilities, but 9/11 brought about changes that pushed security and physical protections to even higher levels.
Data centres today, particularly those serving as colocation facilities, are more likely to have multiple points of security that may include physical barriers such as crash-resistant fences and high-tech defenses such as biometric identification systems.
It’s less likely today that backup and recovery data centres will be built near one another. And new data centres are more likely to be built outside of urban areas.
“Data centre designers have always been mindful of security concerns,” said Tad Davies, an executive vice-president at Bick Group, an IT services provider whose work includes data centre design. “What 9/11 caused us to do is think broader and on a massive scale.”
Davies said he knows of one company that relocated its data centre to a site that was within a four-hour drive of its backup data centres. The reason: It wanted to be certain that its IT staff could easily reach the facility by car in the event that air transportation was shut down, which is what happened on Sept. 11, 2001.
Kris Domich, who is the principal data centre consultant at Dimension Data, an IT services provider, said that 9/11 helped increased the acceptable distance between primary and secondary locations. Instead of having the data centers within a relatively quick drive, minimum distances can range between 100 and 1,000 miles or more.
The events of 9/11 also prompted private companies and government agencies to question whether data centres should be located in urban areas. The attacks, Domich said, prompted executives to ask, “Why do we have the data centre here, and do we need to have the data centre here?”
There are other factors that influence where enterprises choose to build data centres, especially energy costs and concerns about natural disasters. But there are exceptions to everything. While companies like Apple Inc. and Google Inc. have built new data centres in relatively rural locations, Microsoft Corp. has opened a major data centre in Chicago.
Ken Brill, founder of the Uptime Institute, said 9/11 revealed that many data centres of the major financial services companies were in locations that could not be easily secured. “The best defense remains site selection,” Brill said. “Having acres of surrounding land is the best defence.”
“The military uses 159 [feet] as the minimum separation between the outside walls of critical buildings and areas of public access,” Brill said. “If this criterion were enforced in the private sector, tens of billions [of dollars] in data centre investments would become obsolete overnight.”
One example of the move toward stronger data centre fortifications is the facility that NYSE Euronext recently opened in New Jersey. Located on a 28-acre site, it has a number of defenses, including a moat that protects part of the 400,000-square-foot complex.
Domich said that the need for stronger defenses has helped commercial data centre providers, which have typically put a lot of focus on security.
One such firm is Vantage Data Centers in Santa Clara, Calif., which leases out data centre space in a complex located on an 18-acre campus. Its facility is approximately 310,000 square feet.
Vantage CEO Jim Trout says the facility is surrounded by an eight foot-tall fence capable of stopping a car. Beginning with the gate, there are as many as seven points in the facility where visitors are checked. There are guards, biometric fingerprint identification systems, mantraps and cameras that all serve to limit access to the facility and keep track of visitors.
The facility also has redundant systems, including redundant electrical capacity, so if one system gets knocked out there’s a backup to take its place, said Trout.
“There is no question,” said Trout, that 9/11 affected the way data centres are secured.