Beyond Firewalls: The Comprehensive Security Architecture Only Data Centres Can Deliver

Key Takeaways

• Data breaches can result in significant financial losses and reputational damage by exposing sensitive information.
• Firewalls are essential, but not enough to protect against modern, sophisticated threats.
• A comprehensive data centre security architecture integrates multiple layers of protection, such as physical security, intrusion detection, encryption, and centralised management.
• Data centre security is scalable and flexible, supporting business growth while maintaining robust protection.
• Compliance with standards such as ISO 27001, PCI DSS, and GDPR enhances security and builds customer trust.
• A full data centre security solution is crucial for addressing evolving cyber threats and ensuring business continuity.

Introduction

Data breaches pose a systemic threat to businesses. They can expose sensitive customer information, potentially causing financial losses and reputational damage. 

By limiting unwanted access and filtering harmful traffic, firewalls are essential in preventing data breaches as they ensure that only safe and approved data flows through. As digital perimeters continually expand, their ability to detect unusual activity is mission-critical in today’s interconnected business environment. 

A robust security architecture integrates firewalls with other security controls to provide visibility, high availability, and dynamic protection. This holistic approach enables data centres to counteract evolving threats in order to maintain operational continuity and compliance. 

In this article, we take a closer look at firewalls being the first line of defence in network security and their role in a comprehensive data centre security architecture. We also unpack why these gatekeepers alone aren’t sufficient for today’s evolving threat landscape.

What is Data Centre Security Architecture?

Data centres are core hubs that host vast amounts of data, to be accessed internally or externally by third parties. Its security architecture describes an extensive set of virtual and physical safeguards, intended to protect data centres from intrusions, threats, and illegal access. 

In a modern enterprise security setting, data centre security architectures ensure integrity, confidentiality, and availability of data across virtualised and cloud environments. Thereby, enabling enterprises to maintain business continuity and regulatory compliance.

As the first line of defence in network security, firewalls are also a key component of data centre security architectures. They create a virtual barrier between trusted internal networks and unauthorised external sources. However, relying solely on standalone firewalls has its own limitations. 

Traditional firewalls don’t adequately protect against sophisticated, evolving threats, so enterprise security must extend beyond firewalls to include a multi-layered approach that integrates physical and digital safeguards.

A multi-layered security strategy combines diverse technologies and policies to protect data centres at multiple levels. As such, it effectively mitigates risks, prevents unauthorised lateral movement inside a data centre, and adapts to evolving cyber threats.

Benefits of a Comprehensive Data Centre Security Architecture

A well-rounded data centre security architecture comes with a host of benefits, including:

• Reduced risk and improved threat response that systematically identifies, assesses, and addresses threats.
• Structured security program with documented controls to demonstrate compliance with regulatory requirements.
• Predefined protocols and response mechanisms that enable swift and effective reactions to security incidents.
• Reliable access to critical information that supports disaster recovery efforts.
• Segmentation and micro-segmentation, blocking lateral threat movement within the network without affecting performance or scalability.
• Customer confidence that enables organisations to concentrate on growth without constant security concerns.

Enhanced Risk Mitigation Through Multi-layered Security

Security architecture in data centres reduces data risks by implementing a multi-layered defence strategy. This proactive approach addresses threats at various levels, be it physical, network, application, and data. 

For instance, intrusion detection systems spot questionable activity within the network, firewalls stop malicious traffic at the perimeter, and automated response tools swiftly isolate affected devices to prevent lateral movements. These layers work together to react to evolving threats, guaranteeing strong security for infrastructure and vital data.

Scalability and Flexibility in Security Architecture

Enterprise expansion and evolving technological environments require scalable security models. As businesses expand their data centre capacity, security architecture must adapt without compromising security or performance. 

A flexible security architecture allows enterprises to integrate new technologies and increase security controls seamlessly. This adaptability supports continuous business operations and innovation while upholding robust security postures.

Components of a Comprehensive Data Centre Security Architecture

A comprehensive data centre security architecture is underpinned by three key components that safeguard digital assets. These components work in tandem to ensure data availability, business continuity, and rapid recovery in case of natural disasters or cyberattacks. 

Multi-layered Security

Data centres that employ a multi-layered security model leverage multiple defence layers, such as physical, network, application, and data, all working in collaboration to offer all-encompassing security.

While the network layer regulates traffic to avert unwanted access, the physical layer protects the hardware and the building. Data security guarantees information integrity and encryption, while application security concentrates on finding software flaws. 

This layered approach is essential for a modern enterprise security architecture as it counteracts evolving threats.

Physical and Logical Security in Data Centres

A comprehensive data centre security architecture also leverages a combination of logical and physical security which includes measures such as motion sensors, surveillance cameras, biometric access controls, and environmental controls like temperature monitoring and fire suppression.

Logical security encompasses firewalls, intrusion detection and prevention systems (IDS/IPS), encryption, and stringent access controls. These layers work cohesively to safeguard digital assets from data theft and tampering.

Network Security Infrastructure to Defend the Digital Perimeter

Network security infrastructure is a critical component of a comprehensive data centre security architecture. In practice, it protects both the digital perimeter and internal communications.

Key technologies within a network security infrastructure include firewalls to filter traffic at network boundaries, virtual private networks (VPNs), and intrusion detection and prevention systems (IDS/IPS) that monitor and block suspicious activities. 

Collectively, these technologies detect anomalies and respond immediately to threats, maintaining the data centre’s security posture while supporting compliance.

Why do Data Centres Offer Better Security than Firewalls?

Data centres maintain a multi-layered security architecture that extends beyond network traffic monitoring and filtering. This consequently makes them more secure than standalone firewalls. 

To protect assets at every level, data centres integrate physical security measures (such as biometric access), intrusion detection/prevention systems, encryption, and centralised management.

This integrated approach secures and prevents the lateral movement of threats, providing a more adaptive security posture than firewalls alone. In contrast, firewalls are primarily concerned with limiting access at the network perimeter and filtering malicious traffic. 

Enterprise-grade Security Built Into Data Centre Infrastructure

The enterprise-grade security measures offered by data centres are significantly superior to those of conventional firewall-only configurations. They often consist of powerful digital defences like distributed firewalls, intrusion detection/prevention systems (IDS/IPS), as well as micro-segmentation.

Furthermore, they leverage complex physical security measures like biometric access, surveillance, and environmental monitoring. 

This tiered and integrated protection at the network, host, application, and data levels goes beyond traditional firewalls, which mainly focus on filtering traffic at the network perimeter. As a result, it offers a superior security posture that addresses the complexities of evolving cyber threats.

Integrated Security Solutions for Enterprises

Data centres employ unified management systems that provide real-time monitoring, centralised policy enforcement, and immediate threat mitigation. Their security teams can correlate events across virtual and physical assets while maintaining consistent security standards across multiple environments.

Standalone firewalls lack these unified capabilities. As such, they cannot dynamically adjust to counteract evolving threats. Consequently, they fall short in meeting the compliance, security, scalability, and business continuity needs of modern enterprises. 

Data Centre Compliance and Security Standards

Maintaining compliance is a strategic imperative that strengthens a company’s security posture and reputation. Security standards and compliance frameworks ensure that data centres operate in line with established legal, regulatory, and industry benchmarks.

These regulations and benchmarks are continuously designed to protect enterprise data confidentiality, integrity, and availability. 

Ensuring Data Centre Compliance: A Critical Security Layer

Data centre compliance revolves around strict adherence to key standards like ISO 27001, PCI DSS, and GDPR. These standards impose rigorous requirements for data protection, privacy, and operational security.

For example, ISO 27001 offers a comprehensive framework for controlling information security risks through controls, policies, and continuous development. GDPR imposes strict data protection and breach reporting requirements for companies handling the data of EU citizens, while PCI DSS focuses on safeguarding payment card information.

As a provider committed to upholding the highest standards, AIMS’s data centres are certified with globally recognised frameworks including ISO 27001, PCI DSS, and SOC 2 Type II, and operate in compliance with GDPR-related practices. This positions AIMS to support customers’ compliance needs, particularly those operating across regulated industries or international markets.

By adhering to these rigorous controls, data centres significantly reduce the risk of data leakage and enhance overall resilience. This, in turn, builds customer trust in an increasingly competitive global market focused on data protection.

Impact of Compliance on Enterprise Security Infrastructure Malaysia

Malaysian enterprises face specific compliance challenges, including the need to align simultaneously with local regulations and international standards set by global partners.

Navigating these overlapping requirements demands data centres that are both locally compliant and capable of supporting diverse regulatory frameworks. Compliant data centres strengthen enterprise security infrastructure by providing certified environments that ensure secure processing, data privacy, and reliable access controls. 

With access to compliant data centres, Malaysian businesses can confidently expand regionally and globally while managing risks more effectively. These data centres also help enterprises streamline audits and minimise the risk of regulatory penalties. In turn, this builds customer trust in an increasingly competitive global market where data protection is paramount.

Conclusion

Firewalls serve as digital gatekeepers. However, on their own, they’re no longer enough to handle the complexity and sophistication of today’s cyber threats. That’s why modern enterprises must adopt a full data centre-based security architecture. It is a strategic necessity, not a luxury.

A multi-tiered data centre security architecture helps protect sensitive data from lateral attacks, effectively countering both physical and cyber threats. Traditional firewalls alone, however, often lack the flexibility needed to keep up with today’s constantly evolving threat landscape.

Overall, data centre security architectures bring together diverse security technologies to improve visibility, control, and rapid threat response across the entire enterprise environment. By combining physical safeguards with advanced digital protections, they help support compliance, ensure operational continuity, and enable business growth.

If your enterprise is looking to strengthen its cybersecurity posture, consider partnering with experts like AIMS. Our advanced data centre security architectures are designed to be flexible and scalable, tailored to suit organisations of all sizes and levels of complexity.

Whether you operate in a highly regulated industry or need security that can keep pace with rapid growth, we help you stay ahead of evolving cyber threats while ensuring business continuity at every stage.

The data centre ecosystem is experiencing an ongoing period of accelerated growth. As data consumption continue to grow and demand for data management also go up across the world, data centres became the focal point for next-gen innovations, marketplace transformation, and industrial development.

As is, massive volumes of data are being rapidly generated due to the rising acceptance and quick adoption of virtualised productivity platforms and cloud computing over the last decade. Both – as digitisation enablers – have become digital economic critical drivers.

The re-emerging interest for artificial intelligence (AI), specifically Generative AI (GenAI), has also become a key contributor to the recent growth surge for data centres. According to McKinsey, GenAI demand will continue to rise and data centres are expected to meet these new usage capacities. Its new study revealed how a large chunk of these growing needs require dedicated capacity to host and manage advanced AI workloads.

When paired with wider adoption of smart devices that collect user data and constantly generate new content that is then stored and managed, these next-gen digital trends will ensure data centre demands remain supercharged for some time to come.

As user data – from personal, to business, and everything in between – continue to grow, business-related digital assets are also scaling rapidly. In fact, growing volumes had pushed operational databases to set new record-breaking milestones. According to Business Research Insights, large volumes of data – comprising system and operational data that have been generated, stored, and managed on a daily basis – are seeing significant growth rates.

One of its recent industry reports had projected the market size for database volumes growing from US$47 billion in 2023 to an estimated US$62 billion by 2032. This is due to the rapid digitisation of various industries and increasing need for real-time data processing.

Beyond ongoing efforts to deploy new digital solutions that accelerate transformative processes in business operations, managing operational databases have also become critical for many data-driven and high-performance industries. These include the banking and financial services sector – comprising fintech, banktech, and insurtech; healthcare and health management; heavy industries, like manufacturing and logistics; and digital retail.

To meet this explosive increase, vendors and corporations in the technology sector, including those leading Big Tech, are looking to upgrade and expand their data centre capacities. Beyond that, there also massive plans to build new infrastructure across the Asia Pacific.

Next-Gen Digital Services

As the data economy is now recognised as a critical growth driver, there is a clear need to focus on powering and accelerating digital transformation across all business verticals.

Malaysia started its journey on this path to growth and pushed hard to quickly grow its digital economy. In fact, it is now at the crux of reaching a new milestone of growth through the recent investments for data centres from Big Tech that have been announced over the last 18 months. While considered initially as spillovers from restrictive controls for data centre expansion for its neighbours, these new data centre deployments into Malaysia had encouraged many others to consider a similar move.

These latest turn of events for the data centre sector, which have been impactful to Malaysia’s digital economy, have become critical drivers for economic growth. More importantly, these investments provide enough supply on the infrastructure side to address the rising demand for data consumption and processing capacities.

Beyond the Big Tech push and government driven initiatives that drive forward the digital economy, various digital solutions that focus on helping businesses start and accelerate their digitalisation journey are now critical enablers as well.

Solution providers have collectively taken to call this rapidly expanding market segment as “Managed Services”.

With digitalisation now trending and powering socio-economic growth, businesses will need to consider what they should invest in to streamline and optimise their operations. This includes weighing on the best options for data management and storage policies, talent management, and planning future scalability. These points of consideration are still necessary even when businesses subscribe to self-service licensing plans with Big Tech.

Rolling out Managed Services with integrated solutions vendors (ISVs) is another option that can be considered as businesses only need to plan on where they need to store their operational data. This can be deployed as off-premise, cloud-based, or hybrid, so long as business decisions are aligned to data regulatory requirements and governance.

Beyond these two options, data centre service providers – due to their comprehensive and highly supportive tech ecosystems – can also help businesses digitise as they offer end-to-end solutions that run on large computing capacity and advanced management capabilities. These data centre powered Managed Services can deliver:

• Advanced innovations that deliver zero downtime and high-performance functions
• Built-in data centre management tools and features
• Comprehensive cyber-security and data recovery services
• Diverse network infrastructure and next-gen innovations
• Enhanced monitoring and licensing management controls

All these features that Managed Services offer focus on optimising operational functions. In terms of next-gen innovations, there are data centre stalwarts like Malaysia-based AIMS, who had developed digital platforms that provide specialised operational functions.

What AIMS specifically developed, called AIMS Enterprise Integrated Solutions that consists of AIMS Cloud Exchange (ACE) , DC Inter-Connect, and Campus Cross Connect – all three are focused primarily on delivering maximum uptime and true business continuity. With the former, it provides a direct connection between hybrid solutions –  physical colocation and cloud platforms – to support seamless connectivity and instantaneous processing of data. As for the other two, they are dedicated advanced network infrastructure that link up multiple data centre campuses and bridges those that are within close proximity of each other.  These functions establish an uninterrupted connection with high availability and redundancy that provide comprehensive support and backup capabilities to ensure there is no loss of operational continuity.

Having these proprietary innovations enabled AIMS to offer a comprehensive integrated solutions that offer inter-connectivity between its data centres and operating stacks. When deployed, these innovations not only provide advanced network functions and connection capabilities, they also come with advanced disaster recovery, data redundancy, and backup features. All these focus on delivering zero downtime performance for business operations.

These innovations that AIMS developed and deployed are some of examples of advanced solutions that power next-gen data centre functions that focus on empowering businesses. What AIMS offer, alongside other all-new innovations that are being developed across the data centre ecosystem, are designed to address continuous demands of data consumption and higher volumes of data-sets being generated.

Data Driven Development

As is, the explosive growth of data have directly impacted socio-economic development across the world. Of course, this digital economic growth trend is not limited to specific regions as there have been various accelerated digitised transformations across the world.

These can be seen in the billions of network connections and data streams that have come online to power the digital economy. A new industry report from Huawei that came out in late October 2024 – Huawei Global Digitalization Index 2024 – compiled the following 2023 key figures for global digital demands:

• 7.939 billion mobile broadband connections
• 12,548 exabytes of global data volume
• 5.768 billion smartphones in use
• 30% of energy from renewable sources

These data points have been derived from various sources, such as International Telecommunication Union (ITU), World Economic Forum, and the World Bank, and had been measured against a comprehensive research framework that Huawei developed with the International Data Corporation (IDC).

Notably, Malaysia placed within the Top 30 and being ranked sixth on the list acknowledges how it is quick in the region to be forward thinking with digitalisation. With how things have developed over the last 30 years, Malaysia is certainly on track to accelerate the digitisation of various economic growth engines and widen the impact of its digital economy. This can be seen in its continuous exploration and development of next-gen infrastructure and digital solutions that help businesses to embrace the digital economy.

What does this all mean for digital services and Managed Services as a whole?

All the ongoing digitalisation, which powered the transitioning of critical industries, economic drivers, and other various sectors that helped drive forward the digital economy, are dependent on connectivity and data. This, in turn, continues to significantly contribute to the growth of massive data-sets that need to be stored and managed. In its Digital Progress and Trends Report 2023, the World Bank noted how digital infrastructure – a pre-requisite for the adoption of digital technologies by default – scaled alongside rapid technological advancements and played a key part in catalysing the explosive growth for demand in data.

Malaysia had the same growth drivers for its digital economy and, like the rest of the world, saw a jump in demand for enterprise class solutions and business management capabilities. As businesses move to digitise and consider options that Managed Services can provide, new policies have also begun to rollout to ramp up the growth rate of the digital economy. This can be seen in the recent push for mandatory electronic invoicing and ongoing discussions to develop new AI and cloud regulatory frameworks and adoption plans.

Regulatory Revisions

With the digital economy now a major economic driver, especially for Southeast Asia as a fast-growth region, there is a clear need to update current regulations and develop new policies that properly manage the constantly changing digital landscape. More importantly, they must encourage and enable businesses to scale and accelerate through digitisation.

Creating a digital-first and industry-focused regulatory landscape is the first step forward. Malaysia also announced that there are plans to draft new power and water usage efficiency (PUE and WUE) guidelines for data centres. Additionally, it is also planning to draw up new frameworks that will drive forward the adoption of AI, power next-gen digital innovations, and accelerate Malaysia’s digitalisation efforts.

Beyond driving the digital economy forward, these new regulations and policies will also be the catalysts that drive up the adoption and deployment of Managed Services that data centres, ecosystem enablers, network providers, Big Tech, and various ISVs offer. From supporting grants and loans; to enabling operational and long-term sustainability; and ensuring maximum business continuity and improved operational efficiencies, regulatory frameworks play a crucial role in how the digital economy moves forward.

As data-sets and overall consumption of data continues to rise at a rapid rate, businesses will need to consider how they manage their data, specifically where it will be hosted in; how much protective oversight is needed to mitigate controversial and malicious content; and what data privacy measures are needed to manage, process, and protect these data pools.

This is why revisions to regulations and policies for digital platforms, the data economy, and next-gen economic drivers are necessary. When there is none to update, new regulatory frameworks must be developed to address new and upcoming industry issues and challenges that digitalisation will bring forth.

With GenAI, new cloud computing systems, and higher adoption rate of advanced network technologies and digital innovations now being big focuses for Malaysia, especially with the new digital economic frameworks being drafted, it has become a hotbed of innovation. These are clear indicators that ongoing growth for data centres will not slow down any time soon. Likewise, the business digitalisation will also continue to experience accelerated growth and will directly impact demand for Managed Services and various digital functions.

The data centre space is seeing booming growth across the world over the last 18 months, with the US and Asia Pacific (APAC) leading in terms of processing and power outputs. According to a recent report from commercial real estate services and investment firm, Coldwell Banker Richard Ellis (CBRE), data centre inventory for the US and APAC had seen, respectively, a year-on-year increase of 24.4% and 22%. Similar growth insights have also been reported in the 2024 Global Data Centre Index from DC Byte, with APAC taking the lead with a 19.1% compound annual growth rate (CAGR).

Figure 1: Rapid growth for data centres is now a global trend.

Another market research report, specifically from Jones Lang LaSalle Incorporated (JLL), projected a compound annual growth rate (CAGR) of 7.8% for the overall density of processing racks that are deployed within hyperscale data centres.

By 2027, the average estimate for rack density is expected to reach around 50kilowatts (50KW) per rack, surpassing the current average of 36KW. While the increase in performance throughput is impressive in terms of potential scale, it is quickly becoming a major cause for concern as well when these actual values are translated into energy usage.

As is, the concern of power shortage – alongside water use, lack of a skilled workforce, advanced infrastructure deployment, and extended oversight across various public stakeholders – are now major topics for the data centre sector. These industry issues, which will dominate the narrative for the 5 to 10 years of growth, will be critically impactful to current and future policy-making.

Figure 2: Critical data centre issues to consider.

Powered Concerns
Currently, growing demand for megawatts (MW) and gigawatts (GW) of power have been a major hot-button topic, due to next-gen computing hardware, equally as powerful cooling systems, and connected platforms that these data centres empower across various networks and operational processes.

To set the stage for deeper discussions on this issue, the International Energy Agency (IEA) put out a study in January 2024 that reported how overall electricity consumption is expected to grow at an average of 3.4% from 2024 through 2026.

The report also shared how these gains are powered from various electrification efforts across Asia, specifically China, and the accelerated expansion of the data centre sector. For the IEA, data centres – along with artificial intelligence (AI) and crypto-currency – could potentially double their overall consumption of electricity by 2026.

This massive demand for power, due to the growing surge in data centres being deployed, had pushed Singapore to introduce a moratorium on data centres in 2019. The main driving factor for this move is to better manage the considerable energy consumption from data centres that are coming online in stages. At the time, 7% of its total electricity usage comes from this growth segment of the data and digital economy, with projections putting the anticipated usage at 12% by 2030.

Malaysia is likely to face similar issues as well when multiple data centres start powering up in the coming months. To-date, based on the multiple deployment announcements over the last 18 months, the country will see 17 data centres in Selangor coming online by next year. When added onto the 70 or so data centre sites that are operating around Malaysia, that brings the total to an estimation of 90.

Figure 3: There will be a accelerated growth for energy demands.

All of them will directly contribute to expected jump in power demand, a value that Public Investment Bank Berhad believes will balloon from 990MW to 1,400MW by 2029. The same report, which is an extensive research on the data centre market from July 2024, also noted how the power utilities provider, Tenaga Nasional Berhad (TNB), had received applications from 10 data centres that are requesting for a total energy demand of up to 2,000MW.

Certainly, there is a need for updated regulations that ensure that TNB has enough capacity on the national power grid and will continue to expand its reserves. While reserves are marginally high – at an estimated 40% right now – there must be active strategies that will ensure more is done to ensure long-term sustainability.

Critical focus for energy usage efficiency for the digital growth ecosystem is now a primary focus as current regulations and new policies have put the spotlight on green and renewable energy. These include initiatives that are sustainable and can be ramped up as they are expected to become mainstay focuses for Budget 2025.

Operational Shortages
Increased power consumption is not the only concern for data centres. Growing water usage, needing a highly-skilled workforce that has the right skillsets, and deployment of high-tech, high performance infrastructure are also in the spotlight.

According to a recent report from The Edge, a typical data centre consumes an average 1.1 million gallons of water per day (4.2 million litres per day – 4.2MLD). While there is the caveat that each data centre will have different levels of usage, it is usually due to their level of operational efficiency. This is mostly due to the precision cooling systems that are being used – this includes air, chilled water, and refrigerant systems that are used to keep the high-performance hardware cool while operating under heavy loads.

The high consumption had even spurred Johor to consider rainwater collection and recycling waste-water processes to be considered for upcoming data centre deployments. The latter is something Amazon Web Services had already implemented for 20 data centre locations.

Beyond water concerns, there need for skilled talent will grow at an accelerated rate as 17 data centres across Malaysia are expected to come online in 2025. In terms of technical skill-sets, deep experiences in project implementation; health and safety; and solution and structural engineering are the permanent flavours of the month since 2020 and it will remain this way until beyond 2030.

Addressing this must go beyond current industry and educational engagements. While there are efforts to educate the next-gen workforce and provide various upskilling and re-skilling programmes for current digital talents, more can be done. This includes initiating policy changes that will focus on digital talent development and drafting new processes that spur workforce transformation.

In doing so, talent development initiatives can be implemented on a shorter time-frame. Critical results from this move include enabling foreign talent trade, fast-tracking knowledge transfer, and empowering public-private collaborations to power programmes that will meet growing demands for a skilled workforce.

While there are many regulatory incentives that power workforce upskilling, re-skilling, and enhancements efforts, as seen in various workforce transformation programmes that have recently appeared, most do not directly align with the current and new requirements of data centres.

Infrastructure Potential

Figure 5: The two major focuses for core network deployment.

Regulations for usage of natural resources and workforce management are not the only policy driven growth drivers for the data centre sector. There are also ecosystem enablers, such as external linkages; network versatility; and continuous growing demand for AI and all things related to AI, machine learning, and automation. Of these, the former is critical as it directly impacts the decision to deploy more data centres as increased network capacity from new submarine cable landings is a huge reassurance to all that there is a long-term view for growth.

The most recent development is the confirmation that two new submarine cable landing stations in Johor that have been proposed for deployment. Both are expected to boost connectivity capabilities for data centres that will be coming online in that state. As is, the need for more submarine cable landings are important as it directly impacts global network latency and overall performance. With the growing demand for data centre deployment in Malaysia – partially due to Singapore’s moratorium that is now lifted partially; the industry-positive policies that are being put in play; and other encouraging factors, such as affordable pricing for energy and water, active engagement to drive forward workforce development, and ongoing rollout of next-gen infrastructure – it is clear that there will be similar explosive growth for submarine cables.

Revisiting and refining the cabotage policy that enable cable-laying ships to install, maintain, and repair submarine cables is a good first step. With interest to install and expand submarine cables in the Asia Pacific and Indo-Pacific regions growing at a rapid rate, this critical infrastructure will be under the spotlight in short order. A report from 2020 in Site Selection reveals how growing demand and, with how the data centre sector is now experiencing booming growths across Southeast Asia, it reinforces the fact that landing points for submarine cables will be a major driving factor as well.

Notably, submarine cables – as a fundamental aspect for data centre and network capacity – will be a major focus point for policy-makers. If more landings are considered and implemented, the eventual benefits include making connectivity pricing more competitive, driving up interest to invest into Malaysia, and boosting the overall robustness of Malaysia’s data centre sector and digital economy.

Policy Innovation
Right now there are ongoing efforts to ensure government policies and supportive regulations are in place are very welcomed. In fact, a new set of guidelines on data centre power and water usage effectiveness, respectively called the PUE and WUE, is expected to be announced in the coming months since it had originally been slated for Q3 2024. According to Senator Tengku Datuk Seri Zafrul Abdul Aziz, Minister of the Malaysia Ministry of Investment, Trade, and Industry (MITI), this move will ensure that the new data centres being built must meet the minimum sustainability requirements.

These new guidelines are being developed and implemented under the guidance of the Standard and Industrial Research Institute of Malaysia (SIRIM) and the Department of Standards. With these new standards, the goal for MITI is to ensure that Malaysia can achieve net-zero emissions by 2050. As such, data centres that are coming online in 2025 must meet the minimum requirements, which global institutions have put in place, to manage their high volume of power and water consumption.

Both units are expected to work closely with the Malaysia Digital Ministry and its agency, the Malaysia Digital Economy Corporation (MDEC), as they push forward various optimisations that will help transform the data centre ecosystem.

Notably, government policies and regulations have long been aligned with the growth of the digital economy. While this is a very welcomed trend, especially since it helped push forward the digitalisation agenda for Malaysia, it also brought to light a major concern – having multiple government stakeholders to work with and manage. Even if it is necessary to engage more than one public sector player, especially when it is related to federal and state government processes, there should be a single entity to manage full oversight of the data centre sector. In doing so, it can properly streamline operational development, processing accountability, and policy optimisation.

Currently, total oversight falls within the jurisdiction of multiple ministries: Economy; Natural Resources and Environmental Sustainability; and Energy Transition and Water Transformation. While each ministry and their respective agencies have a critical role to play, the data centre sector must engage with all of them to understand and meet specific requirements to ensure full governance. This is how standards implementation had to rope in three public agencies.

This need for multi-party engagement is not limited to these specific scenarios as growing the digital economy will require national level policy-making. As is, new government policies and roadmaps that have been launched over the last 18 months, which includes various programmes that are being used to build a roadmap for data centre ecosystem regulation; Malaysia Digital Economy Blueprint; Roadmap National Industrial Master Plan 2030; National Energy Transition Roadmap; Malaysia Renewable Energy Roadmap; and Artificial Intelligence Roadmap, are all focused on pushing Malaysia into a new era of digital transformation.

However, they are fragmented and under different oversights with their own respective mandates. Beyond the newly introduced Malaysia Data Centre Sustainability Framework, the rest do not directly address or manage the data centre ecosystem. In fact, some quarters have already expressed their concerns on risk factors that the new data centre framework might create.

Ideally, there should be a single point of authority that can work with the data centre ecosystem to develop and implement new regulatory frameworks. Energy sustainability, water shortage, and workforce development – all of which will be addressed during Budget 2025 – are core issues that data centres contend with as they continue to expand their operational presence in Malaysia.

Notably, while various regulations are being developed and streamlined, a brand-new regulatory framework for data centres is being drafted right now – the Data Centre Planning Guidelines (GPP). Developed wholly through the Town and Country Planning Department (PLANMalaysia), an extension of the Malaysia Ministry of Housing and Local Government, this guideline will focus on the various building plans, implementation of innovations, and management of all related applications for data centre deployment. This draft, once ready to be implemented, might be the first step forward towards a single point of authority and interaction with the data centre ecosystem.

As the digital economy continues to be a major focus for Budget 2025, it is critical that an overarching authority is appointed to oversee this important economic driver and growth agenda.

Core infrastructure for data centres and cloud networks are infamous for its out-of-city locations or needing to be built with a supporting sub-urban housing that ensures easy access for its expanding workforce. In fact, with the latter, the brand-new data centre will automatically boost demand, right from ground-breaking, through the surge in need for talents during construction and infrastructure deployment, and, after that, when it comes online – this usually creates a boom time for the township and outlying communities, new or otherwise.

The same can be said of data centres that directly kick-start the building and accelerated growth of a township. This can be seen in the rapid development of new urban zones across outliers around European capital cities; up-and-coming suburbs across India; and various all-new communities being built alongside newly established data centre parks all over the Asia Pacific.

Notably, major players have already bucked this trend as they have established key operations in downtowns of major cities, such as Chinese Capital, Beijing as well as China’s business capital and technology hubs – Shanghai, Guangzhou, and Shenzen; various business districts within central London; and central zones in Seoul.

Credit: datacentres.com

Malaysia is the pioneer in Southeast Asia that just joined this list, with the opening of a new data centre that sits inside the famed Golden Triangle of Kuala Lumpur (KL), adding innovative presence for data centres in the city’s Central Business District (CBD). The newly established Bangunan AIMS (KL2) – a 7.5megawatts (7.5MW) high-density IT load ecosystem data centre – can offer 20-kilowatts (20KW) or more per rack to meet various high-performance computing loads from enterprises that manage and process high volumes of data; work with massive data load-outs from various networks and multi-nationals that land in Malaysia through the Malaysia Internet Exchange (MyIX), which operates from within AIMS data centres; and is fully prepared for the high bandwidth demand from up and coming artificial intelligence (AI) platforms.

AIMS has other bigger plans beyond making downtown KL a centralised data centre hub with KL2, one of which is having the ability to develop and deploy new data centre innovations. This new deployment also focuses on long-term capabilities that focus on addressing the fast rise of environment, sustainability, and governance (ESG) demands.

Insightful Innovations
KL2 is not the first data centre deployment in downtown KL for AIMS – that auspicious title belongs to Menara AIMS (KL1). Having both operating online at the same time enabled AIMS to deploy a new inter-connection system between KL1 and KL2. Called the AIMS Campus Cross Connect system, it links up both adjacent data centres to create an inter-network link that is highly robust and technologically versatile to ensure it delivers on the promise of providing enhanced redundancies, scalable support features, and resilient connectivity.

All these data centre innovations lead towards key features that AIMS can offer as an exclusive – full up-time guarantee and always-on data centre functionality. These are easily achievable for the KL-based AIMS data centre as it operates on resilient data and networking infrastructure. With this comprehensive capability, AIMS can offer technology functions that can scale alongside the growing operational capabilities of business that AIMS is engaged with; amplify workload output based on their needs; and optimise data management and related functions for these businesses.

Beyond the promise of delivering zero down-time for its newly launched data centre, AIMS had set its sights on boosting its information security offerings as well and push the envelope on other innovations for its latest operation in downtown KL. These include sustainable designs and construction processes; renewable energy deployment; and next-gen green design. All these efforts are part of the continuous push that AIMS undertook to be fully compliant with various environment, sustainability, and governance (ESG) requirements.

Sensible Sustainability
With ESG being closely associated with various economic drivers, sustainable and eco-friendly issues must be addressed when it comes to date centre deployment as well. With its new downtown ecosystem now a part of its expansive offerings, AIMS saw this as an opportunity to expand its ESG compliances.

For KL1 and KL2, AIMS retro-fitted both buildings with next-gen energy and water management systems that prioritised on usage efficiencies, optimization of both natural resources, and streamlining demand to ensure that wastage is kept to a minimum. This can be seen in the renewable energy certificates that AIMS secured via bidding for from Sarawak Energy Berhad – this amounted to 268,800 Hydropower Renewable Energy Certificates for vintage year 2024.

This push for ESG compliance also saw AIMS applying even more energy efficient processes for its all-new 8MW IT load facility at its AIMS Cyberjaya campus. The high-power density AIMS Cyberjaya Block 2 (Block 2) is using chilled-water fan wall cooling systems and advanced automation to measure and control the air flow and temperature within the data centre. Throught technology innovation and creative design planning, the anticipated power usage effectiveness for Block 2 will be 1.5MW and below, even when on set to full-load operations at 20KW output per rack.

All these innovations, along with next-gen network infrastructure and training that helps teach and deploy machine learning models, will also be deployed in AIMS Cyberjaya Block 3. With an even higher load capacity of 12MW, this platform has the option to use liquid cooling.

In putting into place these ESG compliant processes and reinforcing its focus on renewable energy use and optimising its use of natural resources, AIMS is now fast-tracking to become a sustainable data centre provider. Its latest addition in downtown KL not only pushes the envelope for advanced innovations, but also reaffirms its consistent pursuit of sustainable designs and processes. This will propel AIMS further in its efforts to constantly be engaged with the data centre ecosystem.

The second-half of 2024 is officially underway and there seems to be no end of new investments and big movements in the data centres. This is especially true for Malaysia after multiple Big Tech players revealed their respective plans over the last 18 months to deploy their data centre region; artificial intelligence (AI) development and deployment hub; and regional cloud infrastructure.

Just like the data centre sector and the necessary growth milestones that it crossed, this blog is the first step for AIMS Data Centre to put itself out there and become a critical voice that provides extensive discourse for current trends and latest happenings within this fast-growth technology segment.

In short, this is the start of AIMS Data Centre deciphering the in-and-out of this transformative economic driver and making sense of it all.

Case in point, let’s start with these new investments into Malaysia’s data centre space. While it reinforced Malaysia’s potential to grow and transform its digital economy at scale, it also revealed how there is so much latent potential and interest for these high-performance platforms.

According to Malaysia’s national newswire, Bernama, an estimated US$25.65 billion (RM114.7 billion) had been approved for investments into data centre and cloud services deployment between 2021 and 2023. This resulted in the creation of over 2,300 new high-value work opportunities and acceleration research and development into renewable resources and sustainable processes. This is also reiterated in a report from ASEAN Briefing where it projected that Malaysia would see a compound annual growth rate of close to 14% from 2023 to 2029 with trajectories being set at US$3.97 billion by 2029 – a massive increase from US$1.81 billion value of 2023.

While these critical growth numbers will push Malaysia’s digital economy to greater heights, they also raised very pertinent points of concern; specifically, the sourcing of skilled talents; potential shortage of power and water; and overall readiness of current infrastructure.

Figure 1: Data centre investments in Malaysia (2021-2023).

Impact Assessment
Malaysia cannot afford to brush aside these critical industry concerns. As they have been widely reported and discussed on various press platforms and social channels, these issues do have considerable weight, specifically in how they directly impact current growth rates of data centres and future deployments.

Notably, beyond the landmark announcements from Big Tech, which generated all the subsequent excitement that comes with these major investments, new levels of awareness on the impact of data centre deployment have also cropped up.

Taking into consideration that most would have some level of understanding towards the growing trend that is environment, sustainability, and governance (ESG), let’s dive right into how there are growing concerns that natural resources, like power and water, are limited and not enough for future data centre operations.

In Malaysia’s case, reports have confirmed that Malaysia’s current power reserve margin is at the estimated 40% range and is more than adequate to meet current and new power draws. However, this does not mean that the nation is ready. Once the new data centres come online in the next five to 10 years, an estimated 1,400 megawatts (MW) of power, or even more, is required.

Figure 2: Malaysia’s data centre growth faces critical challenges, including power and water resource management.

This is the primary reason Singapore put in place a moratorium on data centres. Even with its lifting in 2022, there are still many restrictions that Singapore enforces for hyperscalers and cloud data centres to ensure energy and water demands do not overtake current and future outputs.

As there are multiple discourses within the tech industry on energy sustainability, general concerns of environmental impact, and how ESG trends can play a critical part to address these concerns, it’s now more critical than ever that the spotlight must shine onto ongoing efforts to develop and deploy renewable energy and green energy sources.

Reinforcing Growth
For the record, Singapore had been clear on how, since the start of the moratorium on data centre deployment in 2019, it wanted to better manage energy consumption and optimise its land use. This encouraged global and regional hyper-scalers and large-size data centre operators to act on their best interests and look northwards for new opportunities that encourage higher capacity rollouts.

With the lifting of its data centre moratorium in 2022, Singapore quickly approved the deployment of 300MW capacitiy data centres being allowed to deploy. Even so, the momentum to deploy data centres into other countries, specifically Malaysia and Thailand, had grown considerably.

Figure 3: The multiple waves of electronics and digital players that opened up a manufacturing presence in Malaysia over the years.

This remarkably large push from Big Tech into Malaysia is not new, as it feels very much like the hey-days of the electronics manufacturing boom, when the likes of Intel, Motorola, Western Digital, Sony, and Panasonic opened massive factories across Peninsular Malaysia.

Likewise, the growing demand for data – from powering generative artificial intelligence (GenAI); higher awareness for the importance of data management and its impact on the decision-making process; and growing demand for improved cyber-security and data protection measures – is now driving the take-up for data centre stacks and processing racks.

As various industries begin to be caught up with being technology-first centric or realigning to be more digitally focused, data centres have become the primary enabler for digital transformation. Notably, this big push into Malaysia is not a quick fad as Moody’s Ratings reported that the expected growth potential for data centre within the Asia Pacific will rapidly expand over the next five years. Based on the latest data centre report from Arizton, forecasted from 2024 to 2029, Malaysia will scale towards having the largest processing and output capacity for data centres in Southeast Asia.

Figure 4: Malaysia’s data centre growth is now powered via the rise in demand for AI, data management, and cybersecurity.

Next Steps
Let’s be clear – Malaysia’s data centre sector is not nascent. In fact, it’s been around longer than AIMS and, with these new global investments, will remain active for many years to come. This is certainly a big wake up call for Malaysia and its neighbours across Southeast Asia.

Beyond offering larger land sizes, the need for skilled talents – specifically, those with adequate experience, and having the right infrastructure in place are equally as important. While the latter is now being proactively addressed via supportive policies to expand next-gen mobile networks and high-speed fibre infrastructure, it is simply not sustainable with an emerging workforce.

It’s worth noting that there are sentiments on how new data centres will boost up-skilling and reskilling of digital talents. Even so, it is crucial that the existing workforce must quickly be equipped with current and new capabilities to meet the explosive needs from data centres.

Figure 5: Malaysia’s data centre growth hinges on skilled talent, right infrastructure, supportive policies and sustainable processes.

As for innovation in the data centre, aside from ramping up the physical hardware that powers it all, there are other ways to bring new value to the digital economy and socio-economic development. Take for instance, the new data centre that AIMS recently launched at the end of July 2024 – Bangunan AIMS (KL2), a 7.5MW system offering 20 kilowatts (KW) or more per rack that operates in the heart of Kuala Lumpur (KL). Not only is this new data centre based at the literal door-step of Malaysia’s new central business district, it also offers robust redundancy via direct inter-connection – known as AIMS Campus Cross Connect – with the neighbouring Menara AIMS (KL1).

This concept, and other data centre innovations that have appeared over the last few years, focus on various improvements and developmental milestones. Beyond amplifying workload output and providing up-time guarantee, it also delivers scalable support facilities, such as always-on functionality and resilient connectivity.

While new policies that streamline and optimise the build-up of data centres for Malaysia will be a major focus, there is a need to keep in mind that a single contact point within the government agencies for industry engagement must be considered. This is to ensure that facilitation between the public and private sectors are seamless and effective. At the same time, market players will also need to monitor the growing demand for processing and energy capacity as various businesses – be it local, regional, and global – embrace the advanced capabilities of data centres.

Keeping these points of consideration in mind will ensure Malaysia is fully prepped to be a regional powerhouse for the data centre sector.