The general security principles outlined earlier for information security also have application to site and facility design. The CIA triad applies here and guides our application of security principles to this challenge:
- Confidentiality and Integrity: The primary physical threat to confidentiality and integrity is unauthorized access (e.g. intruders and theft).
- Availability: In addition to the threat from unauthorized access, availability can be compromised intentionally or accidentally by a range of events:
  - Environmental events such as fire, floods, storms, or earthquakes
  - Infrastructure events such as power outages, cooling (HVAC) failure, or floods (from burst water pipes)
The sections below outline controls that can be employed to reduce the risk from the above vulnerabilities, but, as with all risks, the security architect must consider all methods of handling risk: avoid, reduce, transfer, and accept.
One can avoid physical threats by selecting facilities that are unlikely to be vulnerable to certain risks (e.g. locating a data center in an area of known geological stability can effectively eliminate the risk of earthquakes, just as avoiding areas of known tornado and hurricane activity can reduce the risk from meteorological events).
One can reduce threats by implementing the security controls (administrative, technical, and physical) outlined in the sections which follow.
One can transfer many physical risks through insurance (fire, theft, business interruption, etc.) or by contractual means (e.g. contracting with a colocation or data center hosting provider to provide a secure site and facility, thus relieving your organization of those responsibilities).
Once one has applied the chosen risk management approaches (avoid, reduce, transfer), one assesses the residual risk to determine whether it is within the organization's risk appetite or is acceptable to the risk owner. If not, additional steps must be taken to further reduce the residual risk.