With IT organizations of all sizes now being held more accountable for security than ever, it’s become apparent that the level of security provided by a data center operator is now a key point of service differentiation.
Bill Kiss, CEO of Global 1 Research and Development, will detail many of the ways that data security inside the data center can be routinely compromised in a presentation at the Data Center World conference in National Harbor, Maryland, this September.
“IT organizations need to be more proactive, versus reactive, about data security,” Kiss said. “They need to make sure the security they have in place is validated.”
In addition to routine threats, Kiss noted that data centers are now targets in a game of asymmetrical cyber warfare that now occurs between nation states. In fact, everything from customer data to super administrator credentials is fair game for a hacker ecosystem that gets more sophisticated with each passing day.
Not only has the IT security budget become limited, this is a a time when the size of the attack surface continues to expand in the age of the cloud. Kiss said it’s not so much a matter of when a data center will be compromised at this point, but rather how to manage and contain the inevitable breach.
IT organizations should make sure encryption is applied as broadly as possible because most hackers won’t be able to make use of encrypted data, which more than likely means they’ll apply their skills somewhere else that is likely to prove to be more economically beneficial to them, he said.
The first step, of course, is making the effort to truly assess the level of security being applied inside any given data center. According to Kiss, it starts with not relying solely on the judgement of internal IT administrators that by and large are not technically equipped to deal with the true scope of modern IT security threats.
For more information, sign up for Data Center World National Harbor, which will convene in National Harbor, Maryland, on September 20-23, 2015, and attend Bill’s session titled “Improving IT Data Security.”