For someone who lectures so often on cloud computing and information security generally, it is pretty amazing that I had never - until recently - toured a datacenter.
Only recently did we find a datacenter that, after three rounds of negotiation, produced a contract that protected the interests of Sensei and our clients. Let me underscore that datacenters WILL negotiate - not the larger providers, perhaps, but the small ones are happy to get your business and will make changes.
The first thing I noted was the tall metal fence surrounding the datacenter - and plenty of external cameras. Simply to enter the facility, there were three doors in sequence requiring some combination of prox card and biometric access. Of course, badges are required and visually inspected. Each person is required to badge in at each access point and no "tailgating" is allowed. To get into the actual facility where the racks are took another round of biometrics as did entry into the room holding Sensei's racks. Combination locks are on each company's racks. There is a master key that the datacenter holds, but it is required to advise us if that key is used and tell us why it was used.
And it was COLD, which makes all that equipment very happy. Sprinklers abounded. There were numerous cooling towers. Cameras watched our entry at all points - and there were even cameras watching the watchers in the reception control room. Packages go to a loading dock for their own inspection. Rooms which can hold up to 20 people are available for emergency rental in the event of a disaster so a business which has, say, lost its facility due to an explosion, can pull its critical people together in one place and continue to function.
It's pretty lonely in a datacenter. Since equipment is accessed remotely, rack owners need to physically go there only when installing or pulling out equipment. We ran into two other people and the room holding our racks was empty but for us.
This was a dream field trip for a geek - and there were lots of security measures I have not described here to avoid penning an epic novel.
Lots of folks have questions about the wisdom of moving their data to the cloud - I feel like I have some better answers now having actually toured a datacenter. The timing was great because we are offering our next Sensei Pub Night presentation on September 19th from 5-6:30. The title is: "Is it Time to Move Your Data to the Cloud?" If you're in the D.C. area, feel free to e-mail me at the address below if you'd like to attend. Hope to see some of you there!
E-mail: email@example.com Phone: 703-359-0700