Admin 31 Aug, 2021 Multifactorauthentication, IdentityandAccessManagement, Remoteworkforce, Datacenter, Zerotrust, VulnerabilityMgmt, Peoplesecurity, DatacenterSecurity #Datacentersecurity 72
In a fast-moving digital era, data is the new currency, growing at an exponential rate. Over the past year, the pandemic has accelerated our data consumption needs. From customer service to internal operations, every business aspect is driven by cloud-based solutions to enable better agility and scalability at lower costs.
With the rising demand for cloud services, collaboration software, and contactless services – there is increased demand for data center capacity. By the third quarter of 2020, Amazon, Google, Facebook, and Microsoft had collectively spent $38 billion on data centers. Why? As per the World Economic Forum, “at the beginning of 2020, the number of bytes in the digital universe was 40 times bigger than the number of stars in the observable universe”. As more and more people dive into the digital realm (social media, telehealth, banking, e-shopping – the list can go on) – the number would continue to increase.
The current COVID-19 pandemic raises important questions about data storage and security. A slew of cyberattacks targeted vulnerable users and core security systems of global enterprises. The data explosion of the past year highlights the need for secure data centers that go beyond just storing your data.
The changing face of data centers and its security
While data centers are designed with disaster recovery in mind, the pandemic introduced new challenges around staffing, supply chains, and access management. The migration of mission-critical services and workloads to cloud computing infrastructure renders data centers a prime target for threat actors. Advanced cyber threats continue to disrupt business operations, destroy key data assets, and cause unplanned data center outages, even worse, hold companies for ransom.
Today’s threat landscape is driven by stealth attacks that are multi-phasic that use a myriad combination of Denial of Service (DoS), unauthorized access, and sophisticated malware insertion across access points. In addition, the latest attacks can easily overcome traditional preventive measures like biometric, video surveillance, and physical security.
It is no secret that no single tool can protect us from all existing cyber threats. However, adopting broader security strategies can significantly mitigate cyber-attack risks. Traditional data center security focuses on the physical security or on-premises security of data assets. But up in the cloud, data security is a different ball game.
The modern data center environment is a dynamic setup where the need for perimeter security is no longer about north-south network traffic protection. Modular data centers, distributed application tiers, and co-location servers require the constant monitoring of east-west traffic patterns.
Datacenter security strategies
There is a growing concern among IT experts, regulators, and data center managers on maintaining the security of data centers. The increasing demand for virtualization, proliferation of applications, and proprietary digital assets call for a defense-in-depth threat protection strategy. Over the last two decades, cloud data centers or software-defined data center (SDDC) have vastly increased the IT prowess, mobility, and availability of information to an organization. But it is in the last two years that data centers have entered a new transformational era. The pandemic highlighted the need for flexible and multi-tenant data centers (MTDC) that can be managed in real-time with minimal to no staff.
Adopt a zero-trust approach
Typically, the zero-trust model has focused on network security architecture. But data centers, especially co-located data centers, could enhance their security systems with a zero-trust approach. Access control tools along with two-factor or multi-factor authentication would help in adding multiple layers of authentication for enhanced digital security.
Undertake training exercises
The unavailability of skilled manpower continues to plague the industry. With a horde of system admin reaching retirement, leaders need to look at training and upskilling their staff to bridge the skill crisis gap. According to Uptime Institute Research, “data centers need to find 300,000 more staff by 2025”. Overcoming the people challenge would undertake institutionalized training specific to data center security.
Regularly update and patch vulnerabilities
Despite the critical role of data centers, organizations fail to secure the digital infrastructure with regular patching and updates. According to the latest research by Ponemon Institute, 60 percent of breaches could have been prevented if a patch had been applied on time. Leaders must assess their cloud infrastructure, especially in cases of shared or colocation facilities, for vulnerabilities and plan for data center downtimes to fix it.
Invest in next-gen remote management solutions
Gartner suggests data center managers invest in new go-to-market models that adapt to a hybrid IT environment of a data center. Data Center Infrastructure Management (DCIM) software with remote management has been a boon for enabling access restrictions, system backup and recovery, risk assessment, and antimalware management.
Remaining competitive in an evolving market requires IT leaders to continuously innovate and streamline data center operations and security. As we look forward to unlocking our offices, it is imperative for organizations to relook their data center security setup.