We discuss the following topics in this blog:
- Growing Threats to Global Data Centres
- Vital Steps to Preventing Data Centre Breaches
In addition to these topics, we shall also be answering the following FAQs:
- What is a Data Centre?
- What is WiFi?
- 0.1 Growing Threats to Global Data Centres
- 0.2 Preventing Data Centre Breaches: Vital Steps
- 1 FAQs
Growing Threats to Global Data Centres
Although 2020 will forever remain burned in memory for a very different reason, who else remembers that infamous Twitter data breach that saw 130 high profile accounts targeted, including tech goliath Elon Musk, past American presidents and corporations like Uber? The attackers took off $121,000 worth of Bitcoin via nearly 400 transactions after posting a deceptive message on the hacked accounts!
If this isn’t telling evidence of the growing threat posed to global data centre security, then we don’t know what is. Here are a few eye-opening statistics to consider:
- Over 36 billion records were exposed due to data breaches in the first half of 2020
- As of 2020, on average, every data breach costs $3.86 million
- In 2020, the average time to identify a breach was a staggering 207 days
- In 2021, global cybercrime costs are expected to hit the $6 trillion figure annually
- Hackers attempt a cybercrime attack every 39 seconds, i.e. 2244 times a day
So, why are these security breaches on the rise? Today, we live in a time and age where an entire universe of personal, professional and sensitive data exists on the internet – and will continue to expand exponentially as 5G, cloud and technologies like IoT become mainstream. The backbone of this universe is naturally the global data centre infrastructure that will seriously need to up its security game if we want to prevent catastrophic data breaches, identity thefts and cyberattacks in the future.
Preventing Data Centre Breaches: Vital Steps
In 2020, the digitalisation wave began to sweep the data centre industry, owing to the rise of cloud computing and the switch to remote working. Riding on this wave, as per economic times by the end of 2021, end-user spending on global data centre infrastructure is forecasted to reach a mammoth $200 billion.
But as businesses, organisations and colocation providers continue to join the bandwagon to expand and modernize their data centre footprint, data centre security must not be left in the backseat. Doing so can come to bite them in the form of an intentional or accidental data breach that can lead to reputation damage, substantial financial loss, non-compliance fines from regulatory authorities and loss of customer trust. The need of the hour is to implement exacting data centre security standards across the entire stack, both physical and virtual.
On that note, let’s jump right into what the many experts think are the best ways to prevent a data centre breach in 2021 and beyond.
1. Go for the Zero Trust approach
Interestingly, one recently emerging model called ‘zero trust’ architecture can be adopted universally across data centres. What this essentially means is that no device attempting to connect to a data centre should be trusted and only receives the lowest level of privileged access.
While a traditional data centre security model primarily only protects the network perimeter, the zero trust model keeps a watchful eye on the internal networks as well. 49% of breaches result from internal human error and system glitches – which this novel approach can eliminate.
A zero-trust security constantly monitors real-time network behaviour, and data flows, alerting the staff when an anomaly is detected. It can be achieved using advanced firewalls with elite decryption capabilities.
2. Adopt the most effective monitoring and detection tools
A data centre should always have a plethora of perimeter-based security tools that include IP address monitoring, firewalls and AI or machine-learning-enabled intrusion detection systems.
Utilize network-level encryption for securing data between endpoints. For data at rest, implement server-level encryption. Data centre security can also be boosted through a reverse proxy. It behaves like a front-line cache and prevents users from directly accessing static and dynamic content.
To continuously report security events and threats and monitor logs, implementing and integrating tools such as automation, event management (SIEM), and security information is also a must. Regular audits of assets, access protocols and security management processes should be a part of the plan.
3. Implement data centre network segmentation
An essential component of data centre security is to add as many barriers as possible to keep the hackers at bay for a more extended period. That is essentially what data centre network segmentation does by splitting the data network into different components as per endpoint identity.
4. Continuously update servers and systems
Data centres cannot afford to ignore patches released by manufacturers. These are important updates that fix any security holes in a timely manner and eliminate any vulnerabilities that might be targeted by hackers.
5. Compliance matters
It’s imperative to get major data centre security compliances on board, such as HIPAA, PCI DSS, GDPR, ISO 27001:2013, SAE 18, etc. Additionally, data centres must have compliance experts in their team to help enforce the standards and protocols as laid down by relevant cybersecurity regulatory authorities.
6. Amp up physical data centre security
Breaches at data centres are not only limited to virtual attacks. Upgrading the data centre’s security also involves setting up physical barriers, robust infrastructure, surveillance systems, backups and more. This is often a vital layer in the security infrastructure.
The most important thing to consider is the location of the data centre. Ensure that it is not constructed in a disaster-prone area, or near power plants, chemical facilities, airports, etc. The data centre should also have built-in explosive resistance to counter dangerous physical attacks that might occur.
Certain other factors to be taken care of include reinforced concrete walls and structures, securely locked and ground-bolted server cabinets and cages, and environment monitoring and regulation for factors like humidity and temperature. Keeping equipment cool and free from moisture is of utmost importance at a data centre.
Limiting entry points is also a great way to enhance data centre security. Additionally, multi-factor authentication should be a must. This could include retinal scans, fingerprint scans, ID badges, etc. To not lose operational capacity during power outages, always have a backup from USPs and generators. Lastly, ensure that your data backups are in place at all times.
At STL, we have built excellent cloud-native data centre technology that enables enterprises to operate scalable applications in a dynamic environment like private, public and hybrid clouds. In line with the best data centre security practices, our Sensron+ solution is equipped with high speed, highly accurate, and low maintenance Fibre Optic Sensing (FOS) technology – making it ideal for intrusion sensing applications.
As more and more organisations migrate to cloud computing for hosting services and workloads, as per Research and Markets, we will see total investment in data centres shoot up to $432.14 billion in 2025. Thus, it is imperative to get the data mentioned above centre security infrastructure right and prevent highly compromising.
What is a Data Centre?
A datacentre, sometimes referred to as a server farm, is a centralized physical location housing compute resources (high-end servers), storage (SSD, HDD, Flash, Optical), and networking equipment (routers, switches, firewalls, etc.) for collecting, storing, processing, distributing and allowing access to large amounts of data.
Apart from the IT equipment data center also houses environment controls (airflow, humidity & temperature sensors), server racks, power supplies (backup systems, generators), and cabling systems (ethernet, copper, optical fiber). Initially, data centers were introduced to manage the large influx of service requests and store user-generated data. In contrast, it has now evolved to adopt technologies such as virtualization, cloud computing, mobile, Internet of Things (IoT) applications, machine learning, artificial intelligence (AI), and big data analytics.
There are four main types of data centers:
a) Enterprise data centers – Built, owned, and managed by a company for particular use-cases for their target user set. They are usually built on-site but can also be built away from the company premise.
b) Managed services data centers – Deployed, managed, and monitored by a third-party datacentre service provider for a company. The features and functionality can be accessed by the company using a managed service platform (MSP)
c) Colocation data centers – Consist of one data center owner selling space, power, and cooling to multiple enterprises and hyperscale customers in a specific location. The company focuses entirely on running the compute, storage, and networking equipment while the data centre service provider takes care of the space, power, cooling, security, and IT racks.
d) Cloud data centers- An off-site data centre provider such as Amazon Web Services (AWS), Microsoft Azure, IBM Cloud that stores the data of various enterprises. The data is fragmented and stored at various locations across the internet (i.e. datacentres across the world). This offers enhanced security, scalability, management, reliability, customization, and cost-effectiveness.
What is WiFi?
Put simply, WiFi is a technology that uses radio waves to create a wireless network through which devices like mobile phones, computers, printers, etc., connect to the internet. A wireless router is needed to establish a WiFi hotspot that people in its vicinity may use to access internet services. You’re sure to have encountered such a WiFi hotspot in houses, offices, restaurants, etc.
To get a little more technical, WiFi works by enabling a Wireless Local Area Network or WLAN that allows devices connected to it to exchange signals with the internet via a router. The frequencies of these signals are either 2.4 GHz or 5 GHz bandwidths. These frequencies are much higher than those transmitted to or by radios, mobile phones, and televisions since WiFi signals need to carry significantly higher amounts of data. The networking standards are variants of 802.11, of which there are several (802.11a, 802.11b, 801.11g, etc.).