Physical Security and Audit-Readiness at the Rack

Jessica Ciesla
July 23, 2018

As a growing volume of sensitive data increasingly floats across your cloud and virtualized infrastructure, it’s easy to think about security and compliance in non-physical terms. That’s because compliance mandates such as HIPAA, PCI, and GDPR require your organization to protect data no matter where it resides. And if an attacker breaches your environment through a phishing email or an unpatched vulnerability, there’s no telling where they can wind up as they probe laterally across your network.

But no one should neglect physical security. After all, if you can’t prove to an auditor that you appropriately restrict physical access to physical machines on a rack-by-rack basis, you can be penalized severely—even if no one actually did anything wrong.

That’s why I strongly believe every data center manager should implement Raritan SmartLock™ technology.

With the SmartLock system, you can intelligently and granularly control access to your physical infrastructure. Just as important, you can clearly and credibly demonstrate to compliance auditors that you’re being fully diligent about monitoring who’s touching what in your data center—and that you can readily discover any physical access that may be role-inappropriate.

These are capabilities that no data center should be without in a world of intensifying cybersecurity and cybersecurity compliance risks.

What is Raritan’s SmartLock?

The SmartLock system is a family of solutions that enable you to better control and monitor access to your racks. These solutions include electronic door handles, door position sensors, card readers, mechanical overrides, and other modular components you need to put together a complete rack access control solution that best meets your particular requirements.

Using SmartLock, you can establish and enforce policies to control access to specific racks. You can define rules such as access to certain IT assets by particular users providing more control and visibility to your sensitive information. 

The SmartLock can piggyback on Raritan’s PX intelligent PDUs and EMX, reducing the cost and effort of implementation. This solution also supports a full range of RFID cards—including Legic®, my-d®, Tag-it® DESFire®, iClass®, MIFARE®, and I-Code®. And you can interface SmartLock with your DCIM system via web GUI, Xerus™ firmware, SNMP, and/or a scripting Interface.

The result: Greater visibility and intelligent physical access control that you can easily deploy and implement where, when, and how you need it.

Why having the Raritan SmartLock is important?

There are three primary reasons it has become more important than ever to intelligently control access to sensitive infrastructure at the rack level:

1)    Tighter security. Insider threats are real. Plus, there may be times when you want to temporarily limit an employee’s access to sensitive infrastructure. In other circumstances, you may need to bar a soon-to-be-terminated employee’s access even before they surrender their badge. This real-time point-and-click physical security is only possible with the right remote access control.

2)    Essential compliance. Given the regulatory mandates around sensitive data, it is no longer sufficient to just keep unauthorized personnel out of the data center generally. You must be able to show auditors that hardware associated with sensitive data is only being touched by the right people at the right times for the right reasons.

3)    Fewer errors. Despite our best efforts, technicians—especially less experienced ones— sometimes perform the right action on the wrong device. By integrating smart workflows with rack-level access controls, you can create another line of defense against these inadvertent but potentially disastrous errors.

The bottom line: If you haven’t yet evaluated the Raritan SmartLock™ solution, you definitely should. Just read our recent white paper or visit our SmartLock™ webpage to learn more.