Data center security encompasses the practices and preparation that keep a data center secure from threats, attacks, and unauthorized access. Aspects of data center security include physical security, requiring site planning to limit physical break-ins, and network security, where security engineers install firewalls and anti-malware programs to prevent breaches. More recently, social engineering security has become an important aspect of keeping the data center secure. This involves maintaining and educating users about good security practices through awareness campaigns that help to make sure authorized persons do not unwittingly disclose information that unauthorized persons can use to defeat existing security measures.
Because a data center hosts information, applications and services that businesses use every day, organizations must ensure they are using appropriate security measures to protect the data center. Lacking effective data center security can result in a data breach where sensitive company information or worse – customer information – is exposed, or stolen. This type of data breach can be very costly, both financially and for the company’s reputation. Some businesses never recover from a data breach.
The speed of technological advancement means that security threats continue to evolve rapidly. With more virtualized data center technologies, there is an increasing need for data center security at the infrastructure layer. Security integrated within software enables a more fine-grained security approach, along with greater agility and adaptation when dealing with security threats.
A data center is a centralized cluster of computing and networking equipment that stores and processes business-critical information for an enterprise in one physical location. Businesses must use both physical and virtual security measures to protect their data center. Network security is yet another concern for securing a data center, since malware and other threats can reach a data center through the network.
The most effective security solutions for data centers include both physical and virtual security tools. Because the equipment housed in a data center is both sensitive and bulky, there are special considerations for physical security. Water and electronics don’t mix, so traditional fire suppression systems don’t work in a data center. And since data centers are connected to outside networks via user access, IT administrators must make sure appropriate network and user security policies are in place at every point that has access to the data center. Virtual security measures include ways to confirm the identity of authorized users, such as multi-factor authentication, and software that keeps unauthorized users out, like a firewall.
Physical security measures for a data center depend on the size of the center. Data centers often contain a large amount of IT equipment—servers, switches and routers, power and cooling infrastructures, and telecommunications equipment. This equipment might be contained in a closet, which can easily and simply be protected with a physical lock, or a in a warehouse, where additional physical security measures such as badge access, video surveillance, alarms, or security guards may be more appropriate.
Protection from fire is another physical security concern. Because a data center contains sensitive electronic equipment, chemical fire suppression systems are a better choice than sprinklers to protect the equipment from fire.
Many data centers now use virtualization technology, which allows for the abstraction of data center servers, network, and storage. This abstraction allows IT administrators to manage data center services remotely, using software to run data center operations and instantly provision workloads across several servers as needed. Some data centers use virtualization technology to access the public cloud and use it as part of their data center infrastructure. Using software or cloud solutions to structure and manage the data center adds flexibility, but also makes the data center more vulnerable to cyber-attacks.
Some data center networking software includes security as part of the offering or is designed to work with other virtual security tools such as firewalls and intrusion prevention and detection systems. IT managers might use this software to set policies that identify users and determine which users can access the data center. Two-factor identification, where a user’s identify is confirmed by asking for something they know (such as a password) and using something that they have (like a cell phone) is one trusted method that IT departments can use to ensure that only authorized users have access to a network that is connected to the data center.
Data center security software not only keeps unauthorized users from viewing or stealing sensitive data; it can also be used to back up the information in the data center, protecting it from loss.
Businesses can keep the data center protected from malicious inbound network traffic by setting up a strong security perimeter or firewall between external traffic and the internal network.IT managers can further structure the network infrastructure to strengthen the security in a data center by partitioning it into segments and isolating each segment from the others. With a segmented network infrastructure, a security breach in one segment does not necessarily compromise the entire network.
Cyber criminals use a variety of tools to gain access to data centers. Social engineering attacks target users, tricking them into revealing passwords or opening up other ways for unauthorized users to get in. Unsuspecting users can download malware such as “ransomware,” which prevents legitimate users from logging in, and holds the computer ransom until the attackers get paid. Weak passwords are another way cyber criminals exploit users who are not vigilant about security to gain access to a data center. To keep data centers safe, IT managers must educate their users about the different types of attacks and enforce good user security practices.
Users are not the only vulnerability in a network. Improperly configured networks or security software tools might also allow cyber criminals to gain access to a data center. Cyber criminals can shut down an improperly configured software program or server by either overwhelming it with requests or by presenting it with a sequence of code that it is not programmed to deal with. Data centers are also vulnerable to “spoofing” attacks, where the true source or nature of a malicious program is disguised. In IP spoofing, a message looks like it is coming from a trusted host and passes as safe to enter the internal network. Firewalls are one way to protect against IP spoofing attacks.