Securing your datacenter is a multi-faceted enterprise. The concept of securing a datacenter refers to a combination of cyber and physical safeguards put in place to secure resources. Traditional datacenters were located in physical spaces. Modern “datacenters” often exist solely within the cloud.
Datacenter security administrators work to protect both sensitive and proprietary information. Information stored in datacenters commonly consists of customer records, banking details, and electronic payment information.
Securing a datacenter
When securing a physical datacenter, administrators must attend to perimeter-related security controls. From gates, to biometric systems, to personal identity cards, to other identity management tools, physical security for datacenters is critical. In many instances, physical security for datacenters is “baked in,” as through locations in out-of-the-way areas and weather-proof building materials. Broadly speaking, datacenter architects attempt to build in the optimal locations. In addition, many datacenters lack windows, minimizing entry points for potential threat actors. Security guards typically stand inside of datacenters, monitoring for malicious activity.
Organizations can leverage security information and event management tools (SIEM) to provide real-time analysis of a given datacenter’s security. SIEM solutions enable organizations to maintain visibility and control over assets at all times.
As with regular computing networks, datacenter security should consist of layered security. In the way that homes often have a basic lock, a top-lock and a deadbolt, datacenters can follow a somewhat similar approach. Layered security prevents intruders to a greater extent than a single prevention mechanism. In the event that one security layer fails, another security layer will (hopefully) stand up to the threat.
Video surveillance represents a core means of protecting buildings. Closed-circuit TV cameras enable administrators to closely observe the people and processes taking place around the building. Experts suggest backing up camera footage and archiving feeds off-site.
A zero trust security policy can help prevent unauthorized access. Administrators for datacenters must recognize that only a handful of individuals need access to datacenter servers. Well-maintained access lists can provide an additional layer of security.
Web application firewalls (WAF) and their modern contemporary, web application and API protection (WAAP) can be deployed via the network edge. They can inspect traffic going towards and exiting from web applications.
Datacenter redundancies can also assist with security. In the event of a weather-related incident that results in damage to systems, redundancies can help administrators quickly restore data availability. Further, a prominent source of datacenter sabotage comes from accidental human error. ISO compliance can help prevent accidental insider threats.
Datacenter security for everyone
Each datacenter in existence requires security. Some elements of security consist of non-traditional security features, such as multiple power sources, and multiple environmental controls. Determined threat actors may attempt to exploit any aspect of a datacenter’s configuration or system in order to gain unauthorized access. Some threat actors will attempt to use third-party service providers’ systems to move through a datacenter.
In 2013, a well-known datacenter breach occurred when a third-party provider experienced a breach of its payment card readers. After the incident, more than 70 million customers’ data had been compromised. In turn, the CIO ultimately stepped down from his position. By the end of the episode, more than $160 million in damage manifested.
Experts recommend that authorized personnel test datacenter security on a routine basis to ensure that it meets security standards and that nothing is amiss.
Modern datacenters house critical infrastructure and applications. While industry standards exist to help protect datacenters, additional protections can prove useful. As cyber threat actors become more advanced, datacenter security must also continue to evolve. To learn more about datacenter security, click here.