March 7, 2022

Data Center Security

We’ve all had our moments of anger, upset, frustration and dismay at the current crisis in Ukraine – we’re thousands of miles away from the war here in the USA and yet still quite involved emotionally. This is due largely to the changes in media technology in the past few decades that enable instant reporting and live footage as well as drone camera coverage and even cell phone reporting. While many in Russia are being kept unawares of what is really transpiring outside their borders, the rest of the world is watching and waiting, as well as donating supplies and finances to help keep Ukraine free and independent.

One interesting subject related to the current conflagration that we’ve found to be trenchant to the data center industry is being explored by guest Data Center Frontier writer, Mark Houpt, Chief Information Security Officer at DataBank. Mr. Houpt considers the issue of cybersecurity for data centers, and how the war in eastern Europe could negatively affect U.S.-based companies and their data centers. As he explains it:

“Technology constantly shapes the way we monitor and perceive wars and conflicts such as what we’re now seeing. For example, more than 30 years ago, Operation Desert Storm was regarded as the first war fought on live TV, with satellite communications providing accurate images, footage, and updates on a daily basis. Similarly, the current Eastern European conflict could be considered the first war to be fought on social media. People are using social media platforms to share videos, distribute information, generate sympathy and support, and influence results. In many ways it’s succeeding, but it also may have unintentional cybersecurity results on a global level.

In this case, the public outcry—as voiced in millions of posts, comments, likes, and shares—has been heard by nonaligned entities and conglomerates of hackers sympathetic to Ukraine. In response, many are launching cyberattacks against the aggressor, which, in turn, has led to a temporary decrease in attacks against American companies and infrastructure. For CISOs and cybersecurity teams, this may seem to be good news—but only at first. The fact remains that these events are truly dynamic, especially in the case of one or more nonaligned entities targeting a powerful nation-state. These nations are accustomed to responding to attacks from other nations, not hard-to-identify hacker groups. This conflict is changing from moment to moment, and it’s conceivable it could affect the U.S. down the road.”

While it’s a bit of a jump to assume that the war in Ukraine will mean attacks on U.S. data centers down the road, we do know that Russia has attempted to influence our politics and culture in the past with cyber-tactics, so it makes sense it could happen again. Data Center security is already growing more important each and every year due to ransomware and viruses designed to ensnare and hold enterprises hostage for the financial benefit of bad actors and hackers, so proactive steps to battle cyber-attacks make a lot of sense. Houpt goes on to present several tips and steps to help shore-up a data center’s cybersecurity protocols:

Shields Up: Adhere to Data Center Security Best Practices
Now is not the time to relax your standards. If anything, it’s time for “shields up,” and this means increased scrutiny and discipline related to known cybersecurity best practices. For example, every company should be up to date when it comes to patching, data hygiene, and physical elements of security. This can include everything from making sure fuel contracts are current and backup generators are filled, to visitors wearing badges at all times.

Expand the Use of Intelligence Sources
One of the most valuable resources any cybersecurity professional should use is the right intelligence sources. Many companies tend to shy away from operational security intelligence and open-source intelligence (OSINT), perhaps because they consider it a government function, not business responsibility. Today’s climate calls for a change: re-evaluating this mindset and investing in effective OSINT tools can give you a valuable advantage.

Twitter Mining
There are companies and solutions that will mine Twitter and other social media platforms to consolidate data and use it to alert about possible threats. Users can even manage multiple Twitter feeds running at the same time to collect hashtags and monitor other trends and possible groundswells of threat activity. This type of functionality could be used during a crowd event or riot. Cybersecurity teams can track crowd locations, and if they get too close to a facility or data center, they can notify staff and take preventative measures to assure the facilities stay safe.

Houpt goes on to list several other easy-to-follow tactics that can help to keep your data center (and your precious data) safer and well-protected. The gentleman knows what he’s talking about and the article is free to read – please check it out from Data Center Frontier by following this link.

While considering cybersecurity threats to your data center, please remember that Altus offers data center security consulting services as one of our main data center services to our valued clients. In business since 1996, we serve large and smaller enterprise clients with consultation and hands-on expertise to keep data centers growing and thriving. Let’s have a conversation about the state of your cybersecurity efforts in 2022!