A huge heat exchanger spewing steam
into the cold February morning air was the only thing distinguishing the
building I was going to from other nearby buildings. This building was a newly
renovated data center that a friend managed, and I was there to check out his toys.

As I walked up to the entrance, I
noticed all the empty concrete planters spaced uniformly around the main door.
Since this was Minnesota, they were just wide enough for two people or a
snowblower to fit through. I remember my friend mentioning the architect called
them, “Intrusion protection without sacrificing aesthetics.”

While waiting at the front desk, I
recalled my friend mentioning the security upgrades that were required due to
the facility changing from a multidiscipline building to a mission-critical
building. The differences being:

  • Multidiscipline buildings are designed to house a data center plus
    office space. These facilities can only obtain basic-security ratings due to
    people working in the building who have jobs that are not related to the upkeep
    of the data center.
  • Mission-critical buildings are single-purpose facilities. By limiting
    access only to those running the data center, and the increased physical security,
    these buildings can obtain higher security ratings.

My friend finally showed up and asked
if I noticed anything different about the atrium. I did notice the floor to
ceiling turnstile. Here is a list of what I missed:

  • All exterior glass is now bulletproof.
  • All window and door hardware is inside.
  • Fire doors are exit only.
  • Security cameras cover 100 percent of the building grounds.

The next step was signing in at the
security desk. The guard asked me for two forms of ID, which I was told I would
get them back when I left. My driver’s license and credit card worked. I had to
turn over my phone and any other electronics I had with me, so there went my
idea of taking pictures. I was then issued a guest pass card (RFID) specific to
me. I used the pass card to get through the turnstile. And I was in, or so I
thought.

Mantraps

This data center requires three
authentications to get to the most secured area.
The first authentication was the turnstile. The next authentication step was
the mantrap. To get into the most-secured part of the data center, employees have to get past biometric scanners.

According to my friend, the mantrap was the key component to securing the data center. Mantraps usually consist of a small
room with two doors: one connected to the unsecured area and the second opening
into the secured area. To gain access to the mantrap from either the unsecured
or the secured side requires using the pass card. If my pass card checks out,
the door unlocks, allowing me to enter the mantrap. Once inside, the door shuts
rather quickly—this prevents tailgating (i.e., having more than one person in
the mantrap at a time). With the door shut, I waved my pass card near the
reader, and the door to the secure area opened.

The mantrap at the data center I visited was a bit unique—it was what
I imagine it would feel like being in a glass jar. Rather than having swinging
doors, the glass door rotated out of the way.

I did not think anything of it when
my friend asked me to carry a box through the mantrap, as he was carrying his
notebook. Once inside, my friend took the box and gave it to his associate, and
we proceeded with the tour. 

When it was time to leave, I held my
pass card by the reader, and the mantrap door slid open. (Did I mention that I
am slightly claustrophobic? Well I am, especially when I’m about to hop into
something called a mantrap.) Once inside, the door slid shut. I waved my pass card
by the reader, and nothing happened. I waved it again and still nothing. The
door would not open.  

I looked up, and my friend had this
huge smile on his face. I said something I cannot repeat here. Next, he started
to call the security desk, because they were the only ones who could override
what I thought was a malfunctioning mantrap. Finally, the door opened, and I
jumped out.

After my friend stopped laughing, he
explained the mantrap weighs the occupant as a secondary measure against
tailgating. A side benefit being the scale is sensitive enough to tell if
someone is leaving carrying more than they came in with or vice versa. Remember
my carrying the box for my friend? Well, I did not have the box coming out, so
the mantrap sensing a different weight prevented the door from opening, and
alerted security personnel. I need better friends.

Final thoughts

I was impressed. I’ve watched movies
where a super-stealthy spy tailgates into a secure facility and has the run of
the place. That’s not likely at this data center from what I saw. I can also
see why bad guys, if at all possible, get what they want using the Internet.