Russ Ernst is Vice President of Product Management for Blancco Technology Group.
Achieving across-the-board security for an enterprise data center can be a major challenge. The same things that make data centers so vital to a business – storage, highly-connected networks and cloud infrastructure support – also increase the number of potential threats to the organization and can open it up to a variety of different types of cyberattacks. In addition to the risks posed by hackers, there are plenty of other, less-publicized threats that should be keeping CISOs, IT pros and data center managers up at night.
Through my consultations with countless organizations regarding data security best practices, I’ve seen and heard it all. Taking these many conversations and experiences into account, I believe there are four hidden security challenges lurking within today’s enterprise data centers:
Employees
Believe it or not, your people are your greatest threat to data center security. No matter how updated your security technology is, if your employees aren’t well-vetted and well-trained, your information will still be at risk. Your staff is a vital part of keeping your data center up and running, so insider threats must be considered – no matter how strict your hiring processes are.
To mitigate these risks, I’d recommend holding continuous data security trainings for employees across your organization – not only in IT, but in HR, finance and other key departments as well. Make sure your employees never rely on someone’s word alone to get past security procedures or secure checkpoints (for example, “I forgot my badge,” or “I’ve been working closely with [Name].” You may also want to consider sending “practice” phishing emails to see how employees respond, or other such situational awareness training tactics.
Physical Security
Physical security should never be an afterthought. Unfortunately, many organizations gloss over physical risks when planning their data center security strategy, focusing more on cybersecurity threats. Even if you have the best cybersecurity plans in place, it’s still possible for individuals to physically threaten your data center. The best way to avoid risk is to have a good combination of both. Consider the following:
- Alarms: These should include motion detection, breakage sensors and door sensors.
- Access Control: Limit the individuals who have access to certain areas/rooms within your data center and use multiple forms of authentication when possible.
- Video Cameras: Focus on inside and outside doors and add at least one in each server room – preferably one per rack row.
- Water and Temperature Sensors: Put alerts in place if pipes break/flooding occurs. Temperature sensors should send alerts if the AC fails and the room/hardware overheats.
Physical IT Assets
The physical security of IT assets is also often overlooked. Many enterprise data centers have loose drives or outdated servers in storage closets. If these IT assets aren’t sanitized in an efficient manner, then they post a substantial risk for the entire organization if they wind up lost or stolen.
Think about it – if you cannot account for a data-bearing device, you can’t be sure if it’s been lost or stolen. I’ve often seen these situations come to light with equipment inventory reports. It’s only then that the enterprise is forced to determine if a breach has occurred and if their data has been compromised.
Whether you’re using physical destruction, software-based data erasure or a mix of both, you need to make sure your IT assets are cleared of data before they ever leave your facility – even if they’re on the way to an ITAD for physical destruction. Security issues can happen in-transit, so it’s always best to erase first.
The Internet of Things
More IoT devices and connections create more unknown variables, bringing new and unforeseen challenges to the enterprise data center.
CISOs and IT Managers should consider a few best practices to safeguard themselves from Internet of Things-related risks – always change the default password on connected devices, consider outsourcing storage and networking functions when possible (the more devices you have connected, the more ways there are for hackers to infiltrate your network) and encrypt IoT data, including stored data to prevent interception.
Ensuring an enterprise data center is protected from cyber threats, as well as physical risks such as rogue employees and unauthorized break-ins and thefts, is imperative for the long-term health of your organization. I’d strongly encourage all those responsible for the safeguarding of their company’s data to keep these best practices in mind while putting their strategies in place.
Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Informa.
Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating.
