The OTHER Kind of Data Protection

google data center

As marketers or data collectors we spend lots of time thinking about data protection. And Privacy, and Compliance. As individuals we manage opt outs, read about government spying, and despite our best efforts can only make it through the first 2 paragraphs of most Privacy Policies.

From IT professionals securing a massive database against breach, to lawyers specializing in privacy law, to everyday people guarding against personal identity theft, data protection is a big deal in modern life. 

But what about the OTHER kind of protection - like, the phyical location where the data lives. How safe is that building, and where exactly IS it. And where the heck is my data when it's in "The Cloud".

Chances are, its in a data center - a distinctly un-cloud-like facility akin to an enormous multi-story, sprawling factory. How enormous? Microsoft recently announced plans to build a 1.7 million square-foot  data center in Iowa. That's equivalent to 39 acres, or 30 football fields. 

That will be the third Microsoft facility built in the West Des Moines Iowa area. Together the 3 data centers will cover 3.2 million square feet at a cost of $3.5 billion. The facilities are in separate locations, according to city officials, because of potential for tornados. With facilities 5 to 7 miles apart there is less risk of damage to more than one location.

The US has, until this year, been ranked as the least risky place to locate a data center, according to the well regarded Data Centre Risk Index report by Cushman Wakefield. The last report, released in 2013, ranked the US and UK first and second safest. The 2016 report sees the UK at 9th and and the US 10th.

The index uses 10 factors which are weighted in importance. Not all are explicitly risk related, but also assess the business environment - corporate tax rate, cost of energy, ease of doing business. Political stability and potential for natural disasters are more obviously risk factors. The 2016 index ranks Iceland first, Norway second, and Sweden third.

Another report assessed risk a bit differently, using 6 factors all risk related: Risk of Corruption, Conflict, and Terrorism; Unstable Infrastructure, Political Risk; and Disaster Risk. This report ranks the US at 38th, in part due to "government snooping" and laxer privacy laws. It notes that despite those drawbacks, 35% of the worlds computing takes place in the US. This report ranks Switzerland 1st, Singapore 2nd and Iceland 3rd.

Data Centers, especially the big names, take physical security VERY seriously and employ sophisticated measures seen in embassies, the White House, and top secret facilities.

Data centers are being built with foot thick reinforced concrete walls lined with Kevlar. No windows is best, but if there are any they should be bomb and bullet resistant.

The grounds, access points and perimeter should be well equipped with surveillance cameras of various sorts, including motion detectors and low light such as thermal. The property may use landscaping, boulders, moats, gullies, a 100 foot clear zone, and of course a very high fence for protection. 

Air management methods prevent airborn agents that could incapacitate employees from being introduced to the ventilation system from outside. An option to set air to recirculation for ventilation, AC and heating protects by not pulling in outside air in case of bioterrorism (biological or chemical attack).

Vehicle entry points need crash barriers and retractable bollards and gates. Some facilities have guard stations, bomb sniffing equipment, and mirrors to examine under the vehicles.

Humans are often the weak link in data protection - they fall for phishing scams, reveal passwords, and spill coffee on their laptops. Data centers employ sophisticated security measures for the few humans that are needed to run a data center. Biometric scans, double authentication, restricted access within the building, no food or drink outside the breakroom are common strategies. Some data centers are kept in complete darkness and in the rare instances when humans need to interact with equipment they wear miners lamps to find their way.

Increasingly though, humans don't ever touch the servers. Microsoft pioneered the use of shipping containers with racks of servers installed at the factory, then delivered to the datacenter by truck and put into position. Power and cooling is hooked up and thats all that a human is likely to do.

undersea data centerRather than having people go in and fix a server that might fail, it's better to keep the container sealed, and simply let the failed server be. After 5 to 7 years the entire shipping container is unhooked and sent back to the factory to be re-equipped. Microsoft has also begun testing under sea data centers. Microsoft believes the future of computing may reside on the ocean floor in sealed steel capsules.

Global revenue for cloud infrastructure services is about $28 billion. Four US based companies dominate the cloud infrastructure sector: Amazon Web Services (AWS), Microsoft, IBM, and Google. Together they control over half of the worldwide cloud infrastructure service market. AWS is well in the lead with over 30% of the worldwide market share. Microsoft has 11%, IBM has 8%, and Google has 5%.

There are lots of smaller players in the space, many from overseas. Data Privacy laws have an impact on this business, with legalities around cross border data transfers prompting cloud companies to  build regional data centers. Political issues in some countries will also make it easier for companies based in-country to lead in those markets.

Stunning pictures of Google Data Centers


Microsoft's Under Ocean Data Center

10 Amazing Data Centers