Data Center

Network Protection Starts with Basic Data Center Security

Shad Sechrist

According to Betanews and Positive Technologies, cybercriminals can penetrate 93% of company networks. That’s a scary thought, and it means that almost every organization is vulnerable.

 

What can you do to improve network protection? It starts with basic data center security. Consider these four tips to help safeguard your data.

 

1. Keep Up on Firmware Updates

 

Making sure you update firmware on data center devices, such as servers, can lower security vulnerabilities by minimizing weak spots. Using security updates to close these “open doors,” you can ensure better network protection, guard devices from an attack and defend data from breaches. With firmware being such an essential part of data center operations, consider placing these updates on a regular schedule. Otherwise, without maintenance, firmware loses its effectiveness.

 

There are also automated data center management tools that can help you identify which devices need to be updated to ensure network protection.

 

Consistent firmware updates can also improve performance of the devices they affect. For example, updating servers can optimize their performance and enhance energy usage.

 

2. Create and Maintain a Data Center Audit Trail

 

Audit trails—chronological documentation of changes and who made them—can help ensure accountability, provide a starting point for troubleshooting when an issue occurs and track suspicious activity or unauthorized access attempts. They can also support compliance with regulations and standards like PCI DSS, HIPAA and GDPR.

 

For example, every time a connection is changed, the audit trail should indicate who made the change, along with when and why they made that change.

 

Our data center experts have been inside countless data centers that have a posted list of cable connections, but the list hasn’t been updated since it was first created. This renders the information useless and means there is no documentation to indicate what has changed. This can create major concerns in the event of a security incident.

 

We were working with one data center that, in the midst of an intrusion, opted to unplug all connections to stop the attack. While this action was successful at halting the intrusion and reinstating network protection, it also created several new problems. First, once everything was unplugged, the team could no longer tell where the intrusion came from. Second, it took the organization nearly a month to get the data center back up and running. Because there was no up-to-date audit trail indicating the latest connection changes, there wasn’t an accurate record of what should be connected to what.

 

3. Know What’s Connected to Your Network

 

You should always know what devices are connected to your network—and why—as well as what cables are connected to them. When a new device is connected, you should know about that immediately as well.

 

Network monitoring tools can discover new devices being added to a network and instantly gather all relevant information about them. With the ability to learn when new devices join your network, you can see when an outside attacker may be attempting to access your data.

 

4. Start Talking to Your Colleagues

 

Not all security issues are caused by nefarious acts. Anything that could potentially cause data center downtime is a threat to network protection.

 

The best way to avoid security issues created by human error is to make sure that all parties involved in the data center, including IT, facilities and security, are aware of what the others are doing.

 

We witnessed the importance of this first-hand with a client that didn’t have an established communication framework in place. Data center equipment was overheating and causing downtime, generating heat alerts that were being sent straight to C-suite executives—but no one could figure out why the equipment was so hot.

 

Because the teams involved in the data center were so segmented, equipment was being provisioned and installed by multiple people from multiple sources. As a result, side-breathing pieces of equipment were deployed right next to each other (one breathing left to right and one breathing right to left)—and they were essentially cooking each other.

 

Simple internal communication could’ve avoided this problem, and the organization now realizes the importance of understanding what all involved parties are doing.

 

Want to hear more insights about network protection and data center security? We covered the topic in a webinar with Cabling Installation & Maintenance. You can view it on demand here.

 

Related Links:

 

Are We Headed Toward Lights-Out Data Centers?

5 Ways to Improve the Sustainability of Your Next Data Center Project

How to Decide Between Private, Multisite or Public Cloud Data Centers