Hybrid cloud and data centres are on the rise, most of the businesses are choosing them to store their data. Yet, every now and then, we here about breaches. Are hackers smarter than our CIOs? Or CIOs are making some mistakes.
We interacted to Anjani Kumar, India Country Manager, Raritan Inc., to understand the security concerns and risks.
What is the importance of physical security in data centers across sectors in this age of data deluge?
Recent instances of data breaches, data theft or cyber-attacks have been on the rise in India. But Indian companies are struggling to cope with such risks and taking longer to contain them or to take preventive steps. In keeping with it, data center security is becoming an increasing concern. And more so in the light of the recent breaches reported in the highly secured facilities of Facebook, Yahoo, Uber or Deloitte among others.
To add to this, deeper data proliferation through government initiatives and citizen services introduced like Aadhaar, DigiLocker, Digi Dhan and apps like Umang have paved the way for explosive growth in internet-enabled consumption. At the moment, the government data storage is based on the hybrid model with both cloud and IT infrastructure. And the challenge for these public institutions run deeper due to the highly sensitive nature of the data.
With these citizen services, there is a need for complete data localisation in robust and agile data centers. The growing demand for online services will unequivocally demand to scale of a cloud. This makes India’s problem more unique in nature that has to be addressed with indigenous solutions that will need the integration of both cloud and physical solutions. With these, there are also the newer set of challenges while ensuring security in the co-hosted or even cloud data centers.
What are the breaches that may occur in a data center rack?
The risks associated with rack-level data thefts are mostly external weak links. There are two kinds of threats that can cause breach at the data center rack.
1) Unauthorized access by intruders to server rooms or networks
2) Unintentional duplication of data by non-trained data center personnel.
Hence, a part of mitigating these security threats could be educating the employees about the simple do’s and don’ts at the data center.
Malicious intruders can plant key loggers, video cameras, or other tracking devices on the hardware itself before leaving the facility. At times, hackers could even bypass external network security controls by relaying from behind the firewall or switch.
Where do you see the challenges or gaps?
Despite the risks involved, the physical security at the rack has not been given the due attention needed in most data centers. The real gap lies with the CIO’s limited vision of securing access to actual networks and servers through secured network authentication verification and password authentication. They should also be focusing on 100 per cent visibility of all networks including virtual servers, virtual networks and servers located at a third-party data center.
Data centers today have to consider physical security as a top priority in their security agenda and while budgeting the IT cost. The focus has to expand from access control to the physical facility at large to avoid possible threats.
Security Innovations development for the data center?
There are many innovations happening at the physical security level across many solution providers. When we talk about rack level security, we are referring to an increasing need to secure data center racks and cabinets with intelligent door lock technology.
Some of these market innovations are happening at Raritan as well. Its SmartLock electronic door access systems provide an easy to deploy, cost-effective, economically networked locking solution for data enclosures of all types. Data center operators can leverage the PX plug and play sensor technology to connect SmartLock systems and deliver crucial data to the security software.
Smart door access systems also improve workflow management at the rack level and remain secure even during unprecedented power outages by seamlessly integrating with USB cameras, and asset management strips to control workflow. SmartLocks offer a significantly critical layer of security, offering true value benefits, and giving the much-needed confidence to data center managers on their rack level security framework.
An additional level of access control and security at the rack level is offered by the digital proximity sensors that detect motion around a cabinet. They can be configured to trigger an event such as taking a webcam picture when a cabinet door is opened, thus protecting your rack cabinets from unauthorized access. Further, they offer the flexibility of linking to 3rd party devices such as smoke detectors to alert you of fires.
Source: CIOL