Even if the cloud computing is on the rise, there are still a lot of corporate data centres around and these are a very tempting target for cyber criminals and malicious hackers.
To help protect data centres – and the data stored within them – the National Cyber Security Centre (NCSC) and the Centre for the Protection of National Infrastructure (CPNI) have come together to offer security guidance to data centre operators and users.
“Operators and users of data centres have a clear responsibility to protect the data that they hold and process – failing to do this poses a massive financial, reputational and, in some cases, national security risk,” said Dr Ian Levy, technical director at NCSC.
“Owning these responsibilities means understanding the array of methods that malicious actors could use to compromise a data centre both physically and digitally,” he added.
There are several issues which data centre operators and users should be thinking about, in order ensure best security practices and that data is kept safe and secure.
Both data centre operators and data centre users should be able to identify their assets, identify threats, assess risks, develop a protective security strategy and implement the correct measures to ensure all these risks are managed. These processes should also be reviewed periodically as risks and threats can change.
Measures should also be put in place so in the case of a data centre being targeted by an attack designed to disrupt it, services can be maintained. For data centre operators, risk management should be driven by senior leaders to be most effective.
Data centres need to be resilient against various threats and hazards. While this includes denial-of-service (DDoS) attacks and other cyber attacks, they also need to be resistant to hardware failures, power outages and natural disasters. For power outages, for example, organisations need to ensure there’s a reliable backup system which can keep it going.
Users should also make plans based on the assumption that at some point their cyber defences could be breached and know how they’d be able to detect and react to attacks to minimise the impact of cybersecurity incidents.
Geography and ownership
It’s important for organisations to know where data is stored, particularly if cloud hosting providers operate around the world. The NCSC notes that storing data with service providers which host servers in China and Russia could be considered a risk because of laws around access in those countries.
Physical perimeter and buildings
It isn’t just cyber attacks which are a threat to data centres, there’s the risk that they could be physically attacked or sabotaged too. Data centres should be physically secure perimeters designed to keep unauthorised visitors out and make the server rooms difficult for anyone without permission to enter. Detection measures should also be put in place to identify intruders and keep them out, including physical security systems, CCTV and alarms.
With the right training, people can become a force to improve security. Employees and users who are aware of potential cyber threats can help to identify and disrupt potential cyber attacks, while a good security culture throughout the organisation can reduce the risk of insider threats becoming a problem. For data centre customers, it’s important that the data centre provider than demonstrate policies and procedures it has in place to show that it’s personnel operate securely.
Cybersecurity vulnerabilities can be introduced at any part of the software supply chain, especially if key services like data centres and storage are being purchased from third-party suppliers. As various incidents have proved, it’s possible for cyber attackers to compromise those suppliers and use them to gain access to the networks of their customers. It’s important to understand the potential risks in the supply chain, to research who the provider is and what their security structure is like – and have a plan in place if things go wrong.
It’s important to remember that data centres are valuable targets for cyber criminals and nation-state backed hackers. In many cases, the aim of the attacks is to steal or even destroy data. Those responsible for data centres of their organisation should make plans based around the idea that a successful cyber attack will happen and take steps to ensure incidents can be detected and minimised.
MORE ON CYBERSECURITY