4.7.2. Data Center and Facility Security Controls
💡 First Principle: Data centers and server rooms are hostile environments for sensitive electronics — excessive heat, humidity, static electricity, fire, and power fluctuations all cause hardware failure and data loss. Environmental controls exist to maintain the narrow operating conditions that electronics require and to detect and respond to environmental threats before they cause data loss or system failure.
Temperature and humidity:
| Parameter | Target Range | Risk if Outside Range |
|---|---|---|
| Temperature | 64–80°F (18–27°C) — ASHRAE A1 | Overheating: CPU throttling, hardware failure, shortened component life |
| Humidity | 40–60% relative humidity | High: condensation on components, corrosion. Low: electrostatic discharge (ESD) |
| Dew point | 41.9–59°F (5.5–15°C) | Condensation risk threshold |
Hot aisle / cold aisle design: Server racks are arranged so equipment air intakes (cold) face the cold aisle and equipment exhaust (hot) faces the hot aisle. Cold aisles receive cooled air from raised floor vents; hot aisles return hot air to CRAC (Computer Room Air Conditioning) units. Prevents hot and cold air from mixing, dramatically improving cooling efficiency.
Power protection:
| Device | Protects Against | Notes |
|---|---|---|
| UPS (Uninterruptible Power Supply) | Brief power outages, sags, surges | Battery backup — provides time to gracefully shut down or switch to generator; typically 5–30 minutes |
| Generator | Extended power outages | Diesel or natural gas; takes 15–60 seconds to start; UPS bridges the gap |
| PDU (Power Distribution Unit) | Power distribution monitoring | Intelligent PDUs report per-outlet consumption and can remotely cut power |
| Surge protector | Voltage spikes | Sacrificial protection; provides no battery backup |
| Line conditioner | Power quality (noise, sags, harmonics) | Stabilizes voltage without battery; for sensitive equipment |
Fire suppression:
| System | How It Works | Best For | Concern |
|---|---|---|---|
| Wet pipe sprinkler | Water releases when sprinkler head activates | General building areas | Water destroys electronics; avoid in server rooms |
| Dry pipe sprinkler | Air-pressurized pipes; water only enters when head activates | Freezing areas | Slower response than wet pipe |
| Pre-action sprinkler | Two signals required before water flows | Server rooms | Prevents accidental discharge |
| Halon (discontinued) | Chemical suppression; removes oxygen | Was used for electronics | Ozone depleting; banned in most countries |
| FM-200 (HFC-227ea) | Clean agent gas suppression | Server rooms, data centers | Safe for electronics and people at design concentrations |
| Novec 1230 | Clean agent liquid-based gas | Server rooms | Very low global warming potential; safe for electronics |
| CO2 suppression | Displaces oxygen | Unmanned areas only | LETHAL to humans — requires evacuation before discharge |
Electrostatic discharge (ESD):
- ESD can damage or destroy electronic components invisibly (no immediate symptom; failure occurs later)
- Controls: anti-static wrist straps when handling components, ESD-safe mats, grounded racks, humidity maintenance (low humidity increases static)
Physical media management:
- Removable media (USB drives, tapes, optical) require classification labels matching the data they contain
- Off-site tape storage for backup — media transported in locked, tamper-evident containers
- Media inventory tracking from creation through destruction
- Transportation through approved couriers with chain of custody documentation for classified media
⚠️ Exam Trap: CO2 fire suppression systems will kill people if discharged in occupied spaces. The exam tests this: "A fire suppression system uses CO2 to protect a server room. What must be true about the room's occupancy policy?" Answer: the room must be evacuated before CO2 is discharged; CO2 systems must have audible and visual alarms with sufficient delay to allow evacuation before discharge.
Reflection Question: A data center in a northern climate experiences a power outage during a winter storm. The UPS maintains power for 20 minutes, but the generator fails to start. Forty-five minutes into the outage, external temperature is −10°C and the CRAC units have stopped. Describe the sequence of environmental risks the data center now faces and the order in which they will cause damage.
