Significant attention and investment in security capabilities for any data center is highly desirable in order to avoid serious negative consequences from security breaches.
Data center security is a critical issue that needs constant attention and upgrades. Concerns include not only cyber attacks but also the physical safety of the facility itself. Ongoing security testing, including penetration testing, is necessary to locate security flaws. Moreover, security breaches from within are a major risk as well. Being paranoid about data center security is probably less than adequate. The appropriate response is to be “super” paranoid.
Donald Rumsfeld is famous for his discussion of the “known” unknowns in comparison with the “unknown” unknowns. Rumsfeld got the concept of the “unknown” unknown from a poem by D.H. Lawrence.
An example of a “known” unknown in data center security is the many computer viruses that arise, where their true origin is often unknown. An example of an “unknown” unknown would be the Stuxnet worm attack. This cyber attack came through the “Industrial” Internet (systems that operate equipment). It disabled a large portion of Iran’s nuclear materials enrichment program.
The reason Stuxnet was unknown is that the attack was on industrial control devices, which caused the Iranian centrifuges to go out of control and fly apart. Stuxnet was created by espionage hackers called the Equation Group. Prior to the demonstration of the capability of Stuxnet, it was an “unknown” unknown.
Data Center Security
Advanced state-of-the-art security for data centers includes:
Physical Facilities Security – Extensive background checks are necessary for any persons with access to the data center. The behaviors of these individuals are closely monitored to prevent unauthorized activity. Authorized entry is controlled and monitored using biometric identification systems, security patrols, and 24-hour video surveillance. Emergency preparedness plans for facility operations include response to natural and manmade disasters, as well as terrorist attacks.
Monitoring – Cyber security breaches are inevitable. Constant monitoring of unauthorized attempts and rapid sub-network isolation of potential intrusions help to minimize cyber attack damage.
Encryption – Widespread use of high-level encryption increases the robustness of data protection.
Hardening – The goal of hardening is to eliminate as much vulnerability in a data center operation as possible. Techopedia says hardening steps include using firewalls, virus protection software, and malware removal tools, and keeping the system updated with security patches. For some mission-critical deployments, hardware is “hardened” by having a data center facility design that provides protection against damage to electronic equipment from the energy bursts of a nuclear blast and/or solar flare activities and coronal mass ejections (CMEs). This may include the use of reinforced, lead-lined underground bunkers and the use of Faraday cages to shield electronic equipment.
Data center security includes physical space issues, software control, monitoring issues, and human resource issues, all in the context of interfacing with a potentially dangerous external environment. No data center is 100% secure. Security breaches can and will occur, often from the least expected places.
Proactive preparation with state-of-the-art system design and high-level security management are the best-practice methods to deal with data center security issues.