Data Center Security

View Larger Image

The latest post from Mark Kuhn addresses a type of facility that is becoming much more common these days – data centers. One of my last projects as a specwriter, about 10 years ago, was a facility that stored sensitive data for an entire state. It was a huge building with heavy security, and very few people working inside. We had lots of “security vs. egress” challenges on that project, which we worked out with the local AHJ. Maybe Mark’s right and these facilities should be specifically addressed in the model codes…what do you think?

~~~

Ever since I’ve worked with Lori, she’s maintained her “wish list” – things she would like to see either changed or added to the code. Now that I’ve been working with her for a while, I’m developing my own “wish list” and today I want to tell you about one of the items on my list…data centers!

When we talk about “the cloud,” I wonder how many of us understand that we are speaking about a real brick and mortar physical location. There are large buildings located around the country, filled with computer servers, data storage drives and network equipment. We refer to these buildings as data centers.

I don’t pretend to be an expert on data centers, but I have been involved with a few. Here’s what I’ve observed. As you can imagine, SECURITY is the highest priority when it comes to data centers. Anyone who’s ever written a specification knows that finding the balance between security and life safety can be the most challenging part of the job. Typically the owner wants to tilt the scales toward security, and the building and fire codes always have something to say about life safety.

When it comes to a data center, we are dealing with large buildings that hold a lot of equipment but not very many people. The people working in the building are mostly technicians and security personnel making sure that the data stored “in the cloud” stays safe. Because of this, the data center owners want these buildings to be very secure.

Normally this wouldn’t be a problem, we all like our buildings locked up to keep unwanted people out. But in my experience, the goal in the data center is not only to keep people out, but also to keep everything in, and to isolate and separate one space in the building from another space in the building. This is where the goals of the data center clash with the current codes.

Under the current model codes, a data center would fall under a Group B (business) occupancy or a mixed B/S (business/storage) occupancy. This means that we can’t lock anyone into a space or inside of the building. All we can do is use delayed egress locks (to delay egress one time for 15 seconds) or incorporate exit alarms on doors serving the means of egress. This approach does not meet the requirements of a data center.

The types of openings that the data centers would like to see are currently not permitted in this occupancy:

Controlled egress doors – These doors are locked in the direction of egress until they are released by staff or by an automatic release method. Doors with controlled egress locks are currently only permitted in health care units where patients require containment for safety or security.
Doors that are fail-safe – These are doors that are locked in the path of egress and released upon activation of the fire alarm, that are fail secure on the exterior (if the fire alarm cuts power to allow egress, the door remains locked on the exterior). This type of system is now allowed for elevator lobbies, but only with the addition of a two-way communication system adjacent to the locked door.
Control vestibules/interlocks – This is a vestibule configuration where both doors can not be open at the same time – one door must close before the other door can be opened. Control vestibules will be addressed in the 2027 I-Codes.

This brings me to why data centers are on my “wish list.” I believe most everyone thinks that keeping our data safe and secure is a priority and that locking up these types of facilities is a good idea. However, the current model codes do not permit this. I think the model codes need to address these facilities and possibly develop a new occupancy type that speaks to the special needs of a data center.

I’ll end with this…look for future posts taking a deeper dive into data centers and into some of the unique openings that we are asked to specify in these facilities. I’m also interested to know what your thoughts are as it relates to the balance between security and life safety, and the possibility of developing code requirements specifically related to data centers.

You need to login or register to bookmark/favorite this content.

By Mark Kuhn|2024-11-11T11:52:08-05:00November 7th, 2024|Electrified Hardware, Means of Egress|5 Comments

About the Author: Mark Kuhn

Mark Kuhn is an Architectural Hardware Consultant with Allegion, a leading manufacturer of doors and hardware. Mark has worked in the commercial door and hardware industry since 1984. Prior to coming to work for Allegion, he was Vice President/COO of Oscar Henry Company, a commercial door and hardware supplier located in Charleston, West Virginia. As a specification consultant, Mark’s main role is to assist architects by writing hardware specifications and acting as a consultant to the architect concerning hardware applications related to fire, egress, life safety and accessibility codes. He also provides architects with continuing education by conducting AIA certified training. Mark volunteers his time as a DHI instructor, teaching the next generation of hardware consultants. He also serves on national technical committees for NFPA 101, BHMA & PASS, as well as the DHI Certification Council.

Decoded: Control Vestibules in a Means of Egress

Decoded: Elevator Lobby Exit Access Doors

Locksmith Ledger: Model Code Comparison - Controlled Egress Locking Systems

Locksmith Ledger: Model Code Comparison - Delayed Egress Locking Systems

5 Comments

Tom Breese November 7, 2024 at 5:13 pm - Reply

Haven’t specified for a data center myself, but I do understand their operation and their importance. It seems that an AHJ would honor a request to permit controlled egress, fail-safe entries, and interlocked vestibules on a special needs basis for these installations. Yes, I think code changes are warranted.
- Mark Kuhn November 8, 2024 at 10:56 am - Reply
  
  Tom,
  
  I think that you are right, the AHJ’s recognize the need for security and are permitting some controlled egress in these facilities. But it would make their job a lot easier if the model codes gave them some guidance.
  
  -Mark
Charles Anderson November 7, 2024 at 11:41 pm - Reply

I disagree highly

Having seen these,

Getting in is highly controlled.

Once in, normally you have to go through a few more rooms/ doors to get to the equipment or valuables. And need a fob or card to get through the doors.

Most of the time, to egress, it is panic hardware.

To me, if a non approved gets in the building,,,, that is the problem.

The maybe bigger problem, if you are talking a data center, you are talking a clean agent fire extinguishing system.
Some are starting to use nitrogen.
Plus a pull station is required at each clean agent room, for instant dump. If you don’t know not to pull it, it’s dumping.

So no matter who is in the room, when it dumbs, they need to get out or you might be looking at injury or death.

Just my thoughts not to lock down exit doors.

Where do you stop? Just data centers, do you include banks, jewelry stores, post offices, fed ex, and the list goes on.other so called mission essential buildings.

Sorry my points for a no vote. I see your point,,,, but have not seen a problem.
- Mark Kuhn November 8, 2024 at 10:52 am - Reply
  
  Charles,
  
  I really appreciate your first-hand knowledge and your perspective. I always want to fall on the life safety side of the discussion. I just think that these facilities need some special consideration.
  
  -Mark
  - Charles Anderson November 11, 2024 at 1:32 pm - Reply
    
    I agree somewhat,,, but it seems like the codes are getting to specific, when it is not needed.
    
    There are other ways to achieve security and safety. I have seen the same problem for thirty years/ security/safety
    
    Anyway just my four cents

iDigHardware
Answers to your door, hardware, and code questions from Allegion's Lori Greene.

iDigHardware