By: Nihad Hassan
May 5, 2021
Introduction to Data Center Security
Organizations of all sizes and across all industries are at different points on the road to digital transformation. Digitalization has affected every aspect of our lives; the most noticeable change is in how enterprises do business and interact with customers.
In today's digital age, most data is created digitally and never saved on paper. According to Statista, the total amount of data created, captured, copied, and consumed worldwide is to increase rapidly, reaching 59 zettabytes in 2020. The number of internet connections and mobile device users is witnessing significant growth; according to DataReportal (see Figure 1), in 2021, there will be 5.55 billion unique mobile users, which constitutes 66.6% of the world population. Many internet users will produce a massive amount of digital data from their interactions with technology (e.g., social media usage and other forms of online communications).
Figure 1 - Digital around the world. Source: https://datareportal.com/reports/digital-2021-global-overview-report
The massive volume of digital data has created what is now known as "big data," which is considered the primary fuel of the digital transformation revolution. This data contains sensitive information such as customers' personal information and business trade secrets. To keep such important information confidential, it is essential to store it in the most secure place available, now called a "data center."
Data centers are considered an integral part of our modern society and digital economy. Everything we do, and everything that happens online, is stored in them. They do not house digital storage units only. Other critical IT infrastructure, such as networking equipment, security systems, and digital applications, also resides there to facilitate processing, executing, and storing data and securing it from unauthorized access.
What is the importance of data center security?
The security of data centers is essential for any business. The data they contain is considered the business's lifeblood; without it, the company can fail and may go out of business entirely.
Data centers contain different types of sensitive information, such as proprietary information, trade secrets, and customers' personal information, including patient health records and banking and other financial information. Intentional or accidental exposure of such data can lead to:
- Loss of reputation and customer trust: Most customers will not deal again with a company that has suffered a data breach. People care about their information, and falling victim to a breach will negatively impact an organization's reputation. According to IDC, "80% of consumers in developed nations will defect from a business because their personally identifiable information is impacted in a security breach".
- Noncompliance fines: There are different types of data regulation standards that a business must adhere to, such as PCI DSS, HIPAA, GDPR, SSAE 18 (formerly SSAE 16), and ISO 27001:2013. Failing to comply with enforced data regulations can result in huge penalties. For example, the European General Data Protection Regulation (GDPR) imposes fines for noncompliance that reach a maximum of €20 million or 4% of the infringing organization's annual global turnover.
- Loss of revenue: If data in the data center becomes inaccessible for any reason, the downtime can be very expensive. According to a survey by Help Net Security, 37% of SMBs in the survey group said they had lost customers, and 17% have lost revenue due to downtime.
How to secure data centers?
Data center security refers to the physical security controls and logical countermeasures (software solutions) used to prevent unauthorized access to data centers by both internal and external threat actors.
The physical layout is the most critical security aspect. A data center building can be designed as a dedicated unit to store its equipment, or it can be a general-purpose facility that dedicates a portion of its space to housing the data center equipment. The building is commonly built away from roads and other facilities to create a restricted zone that only authorized people can access. Data centers are commonly built without exterior windows and with a limited number of doors, and access to the internal structure is restricted to one door. Security guards within the data center facility monitor the surrounding building via surveillance cameras. Employees accessing the data center use two-factor authentication, such as their card and a passcode. Many data centers authenticate their visitors using biometric authentication systems (fingerprint readers, iris scanners, and facial recognition) for increased security.
Software (or logical) security
Various logical threats endanger data stored in a data center. The most obvious ones are malware (spyware, ransomware, rootkits) and hacking. Security information and event management (SIEM) tools, firewalls, antivirus and antimalware, and intrusion prevention systems are standard solutions to protect data. Network segmentation is also a protective security measure that is commonly applied in data centers. IT administrators divide data center networks into multiple segments or virtual networks and keep the sensitive data on the most protected one to ensure a high level of security. Administrators can then control the flow of data between the various segments based on a predefined group access policy.
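The segmentation model described above can be expressed as a default-deny policy between segments. The following is an added example, not taken from the original article; the segment names, address ranges, and port numbers are constructed assumptions chosen for illustration.

```python
import ipaddress

# Constructed segments (names and CIDR ranges are assumptions for illustration).
SEGMENTS = {
    "dmz":        ipaddress.ip_network("10.10.0.0/24"),
    "app":        ipaddress.ip_network("10.20.0.0/24"),
    "restricted": ipaddress.ip_network("10.30.0.0/24"),  # holds the sensitive data
    "mgmt":       ipaddress.ip_network("10.40.0.0/24"),
}

# Group access policy: (source segment, destination segment) -> allowed TCP ports.
# Any pair or port not listed here is denied.
POLICY = {
    ("dmz", "app"):         {8443},
    ("app", "restricted"):  {5432},
    ("mgmt", "app"):        {22},
    ("mgmt", "restricted"): {22},
}

def segment_of(ip):
    """Return the name of the segment containing ip, or None if it is in none."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None

def is_allowed(src_ip, dst_ip, port):
    """Default-deny decision for one flow crossing (or staying inside) segments."""
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is None or dst is None:
        return False  # hosts outside every known segment are never admitted
    if src == dst:
        return True   # assumption: traffic inside one segment is not filtered here
    return port in POLICY.get((src, dst), set())

def paths_into(target):
    """Audit helper: every (source segment, port) permitted to reach target."""
    return sorted((s, p) for (s, d), ports in POLICY.items()
                  if d == target for p in ports)

def denied_flows(flows):
    """Return the flows from an observed list that the policy does not permit."""
    return [f for f in flows if not is_allowed(*f)]

# Constructed sample of observed flows: (source IP, destination IP, TCP port).
SAMPLE_FLOWS = [
    ("10.10.0.5", "10.20.0.7", 8443),   # dmz -> app, permitted
    ("10.20.0.7", "10.30.0.9", 5432),   # app -> restricted, permitted
    ("10.10.0.5", "10.30.0.9", 5432),   # dmz -> restricted, no direct path
    ("192.0.2.44", "10.30.0.9", 22),    # unknown source
]
```

Running `paths_into("restricted")` during a policy review shows at a glance which segments can reach the most protected one, and `denied_flows(SAMPLE_FLOWS)` highlights observed traffic that falls outside the policy.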
A data center is where an organization keeps its most precious data; keeping it safe is essential for the business to function properly. Protecting data centers involves implementing two primary security defenses: physical and software measures. This article briefly discussed the importance of securing data in a data center and suggested protective procedures to defend against internal and external threats targeting data centers.