Why Details Matter When Planning Data Center Perimeter Security
It is a common belief that the greatest cause of security failures at data centers involves extremists attempting to gain unlawful access to the property.
This sentiment isn’t wrong, but the reality is more complicated. Another source of potential breaches can be traced to well-intentioned professionals sitting in an ordinary meeting room or on a Zoom call and making plans for one of the 100 gigawatts of new data centers expected to be built over the rest of this decade.
“In my experience working with hyperscale and colocation developers, most physical security failures are not the result of bad actors — they’re coordination problems,” said Teresa Giralt, a data center security expert for Ameristar Perimeter Security. “These are incredibly complex projects where civil engineers, architects, utilities, security consultants, contractors and procurement teams all have to align.”
That’s not to say that an individual attempting to drive their truck through perimeter fencing is not a serious risk. But if the people in those key meetings fail to consider all of the potential soft spots in their security portfolio, they could later incur unbudgeted-for expenses to replace poorly functioning bollards, fences or gates.
Too often in the planning process, Giralt said, details of physical security are treated as something that can be taken up after the data center is nearly complete. Instead, security measures should be prioritized like other core building systems, such as power and cooling.
“When security gets pushed to the end of the process, then value-engineering decisions, unexpected site conditions or simple communication gaps can create vulnerabilities that no one intended,” she said.
Giralt and her teammates say certain avoidable problems can rear their heads while a data center is under construction or not long after it begins operations. Luckily, these unforced errors usually can be avoided with a little forethought.
“These are not sexy issues, but they’re not something that you have to think hard about, either,” said Brandy Byrd Chapman, a data center security expert for Ameristar. “Most of these problems happen because the right teams weren’t brought to the table at the beginning, because people didn’t think that they were needed at that stage. But ‘we'll deal with it later’ is just not an appropriate attitude to have.”
Don’t Get Walled In
Segments of an otherwise effective perimeter fence can be compromised if idiosyncrasies in the data center’s surrounding grounds are ignored. One common example is a retaining wall that abuts the property.
This might seem like a concern for the project’s civil engineers, but if the wall wasn’t designed with the fence load in mind, the barrier may be unstable or too short to meet security requirements.
“We’ve seen cases where erosion or a change in grade created a step-up point that made an anti-climb fence easy to scale,” Giralt said. “These issues usually don’t show up until commissioning or after heavy weather, and by then, the solution often means ripping out and rebuilding sections of perimeter.”
Chapman said this might be the most common customer concern that she hears.
“It’s not unusual for them to call and say, ‘Hey, we have a retaining wall that we didn't take into account during the design. Now we’re in construction and we've got to figure out how to secure this retaining wall with a crash rating in front of it,’” Chapman said. “It's costly and can delay when they turn the data center over to the client.”
Underground And Overlooked
Buried utilities, such as drainage systems or cable conduits, can be another unwelcome surprise, preventing bollards or fencing from being installed to the required depths. If not accounted for in site plans or the work sequencing, these might not come to light until trenching has begun.
“There have been cases where they go to dig a foundation for a fence, and all of a sudden, there's a huge duct bank there that somebody put in ahead of time,” Chapman said. “Now, they have only 12 inches to bury a foundation that should be 36 to 60 inches below grade.”
This can necessitate relocating either the fence line or the utilities, adding to expense and project delay.
Perimeter Problems
Problems might also arise when the perimeter fencing and gate systems are incorrectly selected. Giralt said one reason for this is the perimeter barriers might face very different threat parameters in different locations.
“The fence along a public road has different requirements than the fence near an employee parking lot, a substation or an adjacent industrial site,” she said. “When one fence type is used everywhere, weak points are almost guaranteed. We sometimes see projects that specify crash-rated gates but with a standard fence next to them, which defeats the purpose of the rating.”
Gates, too, require careful selection because they are often the most vulnerable part of the perimeter. Their operation combines mechanical equipment, electronics and human behavior. The wrong gate for the facility might deter trespassers but also inconvenience and delay employees arriving for work or leaving for home.
“We’ve seen issues with incorrect crash ratings, undersized operator mechanisms, poor access-control integration or traffic layouts that force trucks to queue on public roads,” Giralt said. “Fixing those problems can require redesigning traffic flow or replacing equipment entirely. In mission-critical environments, those changes can affect tenant move-in schedules and compliance requirements.”
While it is true that some data centers operate with very small staff, Chapman said newer facilities often include substantial office components. This means the operator must plan for daily traffic flows that can resemble those of other asset classes — but with elevated security needs.
Vanquish The Vulnerabilities
These problems are not insurmountable and need not result in cost overruns. Giralt said one solution is to select products that can be adapted to meet new threat levels. For example, Ameristar’s Impasse and Stalwart fence lines are easily upgraded and reinforced should threat levels increase, making an expensive teardown unnecessary.
But ensuring that security experts are at the planning table from the start is still the best way to avoid future headaches.
“When physical security is coordinated early and treated like any other mission-critical system, those unforced errors disappear,” Giralt said. “When it isn’t, even something as small as a retaining wall height or a utility conflict can create a vulnerability that no one intended, and that’s a risk no operator wants to take.”
This article was produced in collaboration between Ameristar Perimeter Security and Studio B. Bisnow news staff was not involved in the production of this content.
Studio B is Bisnow’s in-house content and design studio. To learn more about how Studio B can help your team, reach out to studio@bisnow.com.
