Data Center Security
What is Data Center Security?
Data center security services include the technology and physical measures used to secure and protect a data center’s assets and resources. This includes shielding it from internal and external threats.
All aspects of a data center, including the networks, servers, power systems, and the data and processes they support, are covered by a comprehensive security plan. Further, there are specific data center security threats that must be addressed because data centers are a tantalizing target for threat actors looking for vulnerabilities.
Why is Data Center Security Important?
Why do you need data center security in the first place? Whether a data center is used mainly for storage, disaster recovery, or supporting applications, its computational workloads are the backbone of the businesses it serves. In addition, a company's sensitive information and business-critical applications are a treasure trove of opportunity for hackers and other threats.
Data centers are a trusted component of an organization’s infrastructure. Many companies depend on their data center assets to provide a safety net when all else goes wrong. In this way, a secure data center ensures business continuity and gives its users confidence that they can focus on growing their businesses without worrying about the safety of their digital assets.
How To Secure a Data Center
A data center consists of groups of networking and computational equipment that process and store information for a business in a central location. To keep it secure, businesses must employ both virtual and physical systems designed to protect the data center. In addition to protecting the organization's computational assets, specific network security measures must be implemented to prevent malware attacks and other threats from penetrating the data center.
Choosing the right location should be a primary focus when building a data center. There are certain areas that must be avoided because they present security and safety risks that can cause service interruptions or complete failures. These include:
- Power plants
- Areas within earthquake fault lines
- Areas airplanes cross as they land
- Places close to chemical facilities
- Locations where hurricanes are common
- Places likely to experience tornadoes
- Areas prone to seasonal wildfires
- Areas exposed to flooding
Besides building above flood plains, using thick concrete walls may also provide an extra layer of physical security. Concrete walls a foot thick or thicker can help prevent natural disasters and even explosions from impacting a data center’s physical security.
Virtual or Software Security
Virtualization is common in data centers. With virtualization, a business gets a digital infrastructure that supports or mimics its primary systems. This enables administrators to manage the data center’s services from remote locations. It also allows for greater flexibility because software can be used to manage the security and workflows of the data center.
Some data centers take advantage of virtualization to set up access to public cloud services while others incorporate it in their internal data center. While the use of software and cloud solutions, like SoftLayer and Amazon Web Services (AWS), provides administrators with more flexibility, it also exposes the data center’s assets and systems to cyber threats.
In some data centers, security is part of the services offered to the businesses they serve. Some common measures include intrusion prevention and detection systems, firewalls, and next-generation firewalls (NGFWs). An organization’s IT administrator can use these measures to dictate who is allowed access to the data center’s resources in general—or who can access certain sections of the network.
Two-factor authentication (2FA) can also help an organization secure its data center resources. This involves users proving their access privileges by using something they know, like a password, in combination with something they physically have, like a phone or flash drive.
Data Center Security Technology
Only the most recent technologies will be sufficient to maintain the security of a data center. Because many—if not all—of the assets within may be critical to a business’s operation, you need up-to-date security measures to protect them from the ever-evolving threat landscape.
With multi-factor authentication (MFA), you automatically get an extra layer of security, particularly because at least two elements are used to validate access rights. If an attacker obtains one authentication factor, they still need to find a way to get the second, and they must do so before too much time goes by and the login session either times out or a security alert is generated.
While this is common when securing digital assets in a variety of situations, it is also a powerful security solution to ensure only authorized individuals can access the physical areas of a data center. Some requirements to access data center equipment can include:
- A comprehensive check-in process that requires government-issued identification
- Special badges for visitors
- Fingerprint identification
- A physical key that can provide access to areas where equipment is run or stored
- Badge key cards, which can be verified before going through doors between sensitive areas
- Retina or facial scans
Surveillance Monitoring Systems
Surveillance monitoring ensures high security for a couple of different reasons. First, you can record who enters which areas, as well as what they do once inside. This information can be reviewed if there is a breach to track down the attacker. Second, the presence of security monitoring systems can be a powerful deterrent against attackers. Knowing they have to find a way to bypass a camera system can be enough to encourage them to move on to a softer target.
A surveillance monitoring system is a more powerful asset when it is operated by human personnel. While a digitally based system that is always on may be effective in some situations, a human running a surveillance system can be a more powerful impediment. In addition, a security professional can provide suggestions on how to maximize the effectiveness of the surveillance system. Also, the system may need improvement at times, and the ability of an individual to pinpoint areas of improvement can be invaluable.
Redundancy is a key component of data center resiliency. With redundant elements in place, if the primary component malfunctions or breaks down completely, the secondary component can be activated—automatically or manually—and key systems can maintain their function.
For example, the power system needs to have a redundant backup, as do other crucial components. These may include:
- The cooling system, which keeps servers from overheating while processing data
- Electricity used to power specific areas of the data center, such as those housing servers or key networking components
- Network connections that provide information throughput to business-critical systems
Redundancy can also reduce downtime when servers malfunction and help maintain uptime in virtual systems. For example, for some processes a data center may run two servers in parallel, both using the same operating system, security measures, and software. If one goes down, the other can automatically take over, maximizing uptime for users.
Redundancy can also be used to tighten the data center’s digital security. In many cases, when there are two components working in tandem for digital security, they are both redundant and complementary. For example, multiple firewalls can be set up at different points within a network, one at the outer edge and another between the edge and a server. The two firewalls are redundant because they may catch many or all of the same threats. However, you can use the edge firewall to inspect the outgoing traffic that gets by the firewall in front of the internal server. With this data, you gain insight into the existence of internal vulnerabilities, as well as how threats that exploit the vulnerabilities behave.
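The two-firewall arrangement described above can be turned into a simple log correlation. The following Python example is added here for illustration and is not Fortinet code or a FortiGate log format; the CSV field names, addresses, and log lines are constructed for the example. It lists outbound flows that the edge firewall denied and notes whether the internal firewall had allowed them or never logged them.

```python
"""Correlate outbound flows across two firewall layers (constructed sample data)."""
import csv
import io
from collections import defaultdict

# Constructed sample logs; the field names are assumptions, not a vendor format.
INTERNAL_FW_LOG = """ts,src,dst,dport,action
2024-05-01T10:00:01,10.0.5.10,203.0.113.7,443,allow
2024-05-01T10:00:04,10.0.5.10,198.51.100.9,6667,allow
2024-05-01T10:00:09,10.0.5.11,203.0.113.7,443,allow
2024-05-01T10:00:12,10.0.5.11,198.51.100.20,25,deny
"""
EDGE_FW_LOG = """ts,src,dst,dport,action
2024-05-01T10:00:01,10.0.5.10,203.0.113.7,443,allow
2024-05-01T10:00:04,10.0.5.10,198.51.100.9,6667,deny
2024-05-01T10:00:09,10.0.5.11,203.0.113.7,443,allow
2024-05-01T10:00:15,10.0.5.12,192.0.2.50,53,deny
"""

def load(text):
    """Map each flow key (src, dst, dport) to the action that firewall took."""
    return {(r["src"], r["dst"], int(r["dport"])): r["action"]
            for r in csv.DictReader(io.StringIO(text))}

def correlate(internal_text, edge_text):
    """Return per-source findings for outbound flows that the edge denied."""
    internal, edge = load(internal_text), load(edge_text)
    findings = defaultdict(list)
    for flow, edge_action in edge.items():
        if edge_action != "deny":
            continue
        inner_action = internal.get(flow)
        if inner_action == "allow":
            # The internal policy let it out; only the edge stopped it.
            reason = "internal-policy-gap"
        elif inner_action is None:
            # The edge saw traffic that the internal firewall never logged.
            reason = "not-seen-by-internal-fw"
        else:
            continue  # Internal firewall denied it as well: nothing to tune.
        findings[flow[0]].append((flow[1], flow[2], reason))
    return dict(findings)

if __name__ == "__main__":
    for server, items in correlate(INTERNAL_FW_LOG, EDGE_FW_LOG).items():
        for dst, dport, reason in items:
            print(f"{server} -> {dst}:{dport}  {reason}")
```

Each finding points at either an internal rule to tighten or a host whose traffic path does not cross the internal firewall at all.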
Redundancy is also a valuable strategy when it comes to the data center’s network infrastructure. The data center can take advantage of two internet service providers (ISPs), for instance, with one only being used when the other goes down. The traffic from both ISPs can be run through a high-throughput firewall to ensure continuity if the primary provider’s signal fails or has to be shut down due to a security breach.
Data Center Vulnerabilities
Attackers employ a variety of techniques and tools to penetrate data centers and their security systems. They may target specific groups of users with social engineering attacks to fool them into either giving away passwords or giving intruders an access point to get past the data center’s security system. If a user downloads malware, it can be used to gain access to passwords and other login credentials. Further, if ransomware is used, the attacker can capture and control a crucial computer, forcing an administrator to pay a ransom to gain access once again.
Attackers also tend to target weak passwords. These are often the result of users recycling passwords they use on other accounts because they are easy to remember. Even if the password is relatively hard to guess, if it is used on multiple accounts, it is weak. An attacker can crack a user’s password in a different application, and because it is used to access data center resources, the attacker now has what they need to get in there as well. This further underscores the necessity of MFA that involves at least one thing a user can hold and one thing they know.
It is therefore important for IT managers to provide users with training on good password and credential management, as well as the dangers that can result from even minor slip-ups. Education should also include what threats look like, how they behave, and which attack surfaces are most likely to draw the attention of malicious actors. Education is one of the most effective ways to reduce human-based vulnerabilities.
In addition to users, data centers can also present vulnerabilities stemming from networks that are not properly configured, are outdated, or use insufficient security tools. Because cyber criminals are constantly on the prowl for new attack methods, only the most up-to-date security protocols and tools should be used. Automatically updating software, including that which uses threat intelligence, can keep a data center one step ahead of the most recent threats.
How Fortinet Can Help
Fortinet FortiGate NGFWs provide superior protection for data centers, whether they are installed at the edge or within the network. Because data centers often manage several types of workloads, multiple NGFWs can be deployed, with each one configured according to the unique needs of the workload they need to protect.
FortiGate can be used to make sure only authorized individuals and websites can gain access to the data center’s resources. With FortiGate, you can set up a virtual private network (VPN) that pipes traffic directly from specific users or a central location into the data center or specific areas of it. Further, with the FortiGate deep packet inspection (DPI) capability, malware and other threats are kept outside. This is accomplished with the help of artificial intelligence that can identify anomalies in data, enabling the system to detect even brand-new threats.