Let's Get Physical: The Evolving Role of Data Center Security
By: Ernest Sampera on August 11, 2014
The data center pipeline is changing. According to Network Computing, for example, many companies are now skipping landlines in favor of cellular technology as a way to manage and control data center operations. This kind of technological evolution and flexibility brings increased data center security risks, and those risks are often addressed using virtualized solutions.
But what about direct access to a data center — does getting physical still matter?
Protecting the Flow
Consider the efforts of Yahoo, which recently announced it would be encrypting all traffic flow between data centers. The idea is to protect data in its most vulnerable state — while moving — and the company hopes others will follow suit. This is especially critical in colocated data centers, where traffic not only flows into and out of cabinets but may also move between them.
As noted by a recent ZDNet article, most colocated data centers have solid data center security measures in place. These include security personnel, locked doors, keycard access, man traps, and in some cases biometric controls such as fingerprint or retina scanners, so it's tempting to see physical data center operations as relatively secure. There are physical challenges, however, that we know aren't always on the radar. How does your data center handle these three critical issues?
Insider threats: Employees with access permissions are able to fundamentally alter data center controls, meaning you need a provider that lets you easily monitor and log all access requests.
Non-technical staff: This includes janitorial and other workers who have access to the facility but not to your cabinets. It's possible for power cords to get pulled, network cables to get cut, or entire systems powered down owing to innocent mistakes. Does your data center escort non-technical personnel, such as auditors or maintenance workers, during their visits?
Aging operating systems: This could be Windows 2000 or 2003 server, old Linux variants or UNIX deployments. Not only do these operating systems pose network threats because they're not supported, but updates may require a significant amount of downtime and access to cabinets, putting their physical security at risk. What's the policy of your colocated provider when it comes to OS vulnerabilities?
Striking a Balance
Data center security is a challenge as cabinets become more powerful, user permissions increase, and virtual environments become more complex. Protecting your data requires a solid virtual security policy, such as Yahoo's all-encryption plan, but must also speak to physical threats that lie outside the known and familiar. The ideal provider tackles the challenges head-on to help ensure total data security in storage, use or transit: what's worth protecting in the cloud is worth protecting on the ground.