I find it interesting that major financial institutions & government agencies attempt to hide the locations of their Data Centers. How effective can this non-disclosure aspect of security really be in today's media frenzy world? Obviously not too effective since NYSE's new Data Center build is already being talked about in Data Center Knowledge & The Bergen Record.
http://www.datacenterknowledge.com/archives/2009/05/04/financial-data-center-hiding-in-plain-sight/comment-page-1/#comment-3718
Even if details of this site location go unpublished, word from employees & vendors who support this site certainly will spread. I'm not saying that we should broadcast in neon lights the location of this Data Center, but if a new Data Center is constructed covering all 4 disciplines of security {Physical, Operational, Logical & Structural} POLS, will it matter if the public knows where the Data Center is if the security is thoroughly covered. It isn’t likely that the NYSE can really hide the whereabouts of its ~400K square foot Data Center anyway. Most Data Center designers cover Physical & Logical security systems thoroughly as those disciplines are maturing. What is often not covered thoroughly is the Structural Security, organizations become too focused on getting a CO and getting the new Data Center live that they often don’t cover themselves from the structural threats of fire, water, theft & wind.
How many Data Centers are built with a 20 minute fire rated door? How many Data Centers are built with more than a 10-15 minute Class 125 rating? The real interesting aspect to this point is that there are new building materials that can cover Structural Security and omit these unnecessary exposures while actually constructing the facility & obtaining the CO faster.
http://www.datacenterknowledge.com/archives/2009/05/04/financial-data-center-hiding-in-plain-sight/comment-page-1/#comment-3718
Even if details of this site location go unpublished, word from employees & vendors who support this site certainly will spread. I'm not saying that we should broadcast in neon lights the location of this Data Center, but if a new Data Center is constructed covering all 4 disciplines of security {Physical, Operational, Logical & Structural} POLS, will it matter if the public knows where the Data Center is if the security is thoroughly covered. It isn’t likely that the NYSE can really hide the whereabouts of its ~400K square foot Data Center anyway. Most Data Center designers cover Physical & Logical security systems thoroughly as those disciplines are maturing. What is often not covered thoroughly is the Structural Security, organizations become too focused on getting a CO and getting the new Data Center live that they often don’t cover themselves from the structural threats of fire, water, theft & wind.
How many Data Centers are built with a 20 minute fire rated door? How many Data Centers are built with more than a 10-15 minute Class 125 rating? The real interesting aspect to this point is that there are new building materials that can cover Structural Security and omit these unnecessary exposures while actually constructing the facility & obtaining the CO faster.