Most data centers I’ve worked in have annex staff/operations areas with open and often active network ports. If they don’t have some sort of NAP or NAC product running on their network or are otherwise diligent about turning off network ports at the switch, it would be pretty easy to pull this off without much effort.
My experience has been similar, although I never probed the staff area to see what could be compromised.
I did use a secure hosting facility once that had pretty phenomenal security. When I was working on my servers, if I needed something, a quick wave to the nearest camera and someone would appear. Kinda weird knowing you’re being monitored that closely even when doing mundane tasks, but that’s what we were spending the big bucks for.