By /

Back to: Data Center Physical Security Professional

0

Lesson 6.2: Emergency Procedures (SOPs)

1. Learning Objectives

By the end of this lesson, you will be able to:

  • Critique ineffective SOPs (walls of text) and create effective “Action Cards.”
  • Explain the operation of VESDA (Very Early Warning Aspirating Smoke Detection) and Double Interlock sprinkler systems.
  • Apply the Run-Hide-Fight protocol to an Active Shooter scenario.
  • Differentiate between Fail-Safe and Fail-Secure lock states during a power outage.

2. The SOP: Action Cards vs. Novels

In a crisis, nobody reads a 50-page binder.

  • The Problem: Traditional SOPs are dense documents buried in a drawer.
  • The Solution:Action Cards.
    • A single-page, laminated sheet with a flowchart.
    • Format: “IF [Condition] THEN [Action].”
    • Example: “IF Fire Alarm sounds -> 1. Call 999 -> 2. Check Panel Location -> 3. Dispatch Guard.”

3. Fire Response: Protecting the Data

Fire is the #1 threat to a data center. Water is the #1 threat to servers. We need a system that puts out the fire without destroying the cloud.

A. Detection: VESDA

  • What it is: Very Early Warning Aspirating Smoke Detection Air.
  • How it works: It constantly “sniffs” the air through pipes. It can detect the microscopic chemical byproducts of a wire overheating hours before a visible flame appears.
  • Action: VESDA allows the SOC to dispatch a technician to fix a smoldering wire before the sprinklers ever need to fire.

B. Suppression: Gas vs. Water

  1. Gas Suppression (Inergen / Novec 1230):
    • Floods the room with inert gas. It extinguishes fire by lowering oxygen (or absorbing heat) but leaves the servers running and dry. Primary Defense.
  2. Double Interlock Pre-Action Sprinklers (Water):
    • Fear: A pipe leaking and dripping water on a server.
    • Solution: The pipes are normally filled with air, not water.
    • Trigger 1: Smoke Detector trips -> Valve opens, water fills the pipe (but doesn’t spray).
    • Trigger 2: The heat bulb on the sprinkler head melts -> Water sprays.
    • Result: You need both electronic smoke detection AND physical heat to dump water.

4. Active Shooter / Hostile Intruder

Data centers are high-profile targets. The response protocol is universal.

A. Run (Evacuate)

  • If there is an accessible escape path, attempt to evacuate the premises.
  • Leave your belongings behind.
  • Help others escape, but do not wait for them.

B. Hide (Lockdown)

  • If evacuation is not possible, find a place to hide where the active shooter is less likely to find you.
  • Hardened Zones: A Data Center is full of “Safe Rooms.” The Mantraps and Data Halls often have steel doors and no windows.
  • Action: Silence cell phones. Blockade the door if it doesn’t lock.

C. Fight (Take Action)

  • As a last resort, and only when your life is in imminent danger.
  • Attempt to disrupt and/or incapacitate the active shooter.
  • Tools: Fire extinguishers, chairs, hot coffee.

5. Power Failure: Fail-Safe vs. Fail-Secure

When the power dies (and the UPS fails), how do the doors behave? This is a critical life-safety vs. security decision.

  • Fail-Safe (Life Safety):
    • Mechanism: Power is required to lock the door (Maglock). If power is cut, the door unlocks.
    • Use Case: Emergency Exits, Main Lobby. (People must be able to escape).
  • Fail-Secure (Asset Protection):
    • Mechanism: Power is required to unlock the door (Electric Strike). If power is cut, the door stays locked.
    • Use Case: Server Racks, MMR, Cash Vaults. (We don’t want the vault to pop open just because the power went out).
    • Key: There must be a mechanical override (key) for authorized staff.