Skip to content

Data centre security for owners further information

Last Updated 26 February 2023

Geography and ownership security

In the UK, GDPR sets out principles data controllers must comply with. Understanding regulations on data security in the country where your data centre is located is important. Some foreign governments may mandate access to data that limits your control and ability to provide assurances.

Read more

Data centres’ physical perimeter and buildings

In most data centre operating models, the security of the perimeter, site, and building will be the responsibility of the operator. To successfully mitigate the risk of an attack, it is important to understand how threats to your site, workforce or assets can manifest themselves.

Read more

The data hall

In addition to the layered security you provide to protect data halls, data owners should be encouraged to implement extra security measures and controls on the perimeter of their own networking equipment. 

Read more

Meet-me room considerations

Data centre operators should strictly control access to meet-me rooms (MMRs). You may decide not to allow customers access to view security arrangements. However, it is important that MMR security details and assurances are provided during tendering under a non-disclosure agreement.

Read more

People security considerations

It’s important to mitigate any security and ‘insider’ risks by having a robust and integrated ecosystem of policies, procedures, interventions and effects. These include optimising use of people by improving measures to detect, deter and disrupt hostile actors during the reconnaissance phase of attack planning.

Read more

Supply chain considerations

Attackers have both the intent and ability to exploit vulnerabilities in supply chain security. However, before you can do anything to secure your supply chain, you need to understand the risks (and benefits) you are taking on by engaging suppliers delivering products, systems and services.

Read more

Cyber security

Data centres are a valuable target for threat actors seeking to steal data or disrupt operations and services. Data centre owners should assume that a cyber compromise is inevitable. We advise taking steps to detect intrusions and minimise their impact and preventative cyber security measures.

Read more

Did you find this page useful? Yes No