Boost Data Center Security and Batten Down the Hatches
This article originally appeared on June 24, 2016, and has been revised to bring our readers the most up-to-date technology information
When asked why he robbed banks, criminal Willie Sutton famously replied, “Because that’s where the money is.”
Today’s data centers are giant depositories filled with a wealth of information rather than cash. As Clive Humby, architect of the Tesco Clubcard said, “Data is the new oil.” Unlike oil though, there is no limit to this valuable resource.
By some estimates, the amount of digital data generated is doubling every two years — and that trend has dramatically increased the risk profile of data centers.
According to a 2015 study conducted by 451 Research, enterprises that collected quality data reported increased revenues by 50.5%, and reduced costs by 48.5%, among other benefits.
Challenges meeting security best practices
While we can all agree that the value of quality data is, well, priceless, to a business of any size competing in the market, there are obstacles to processing the data in a timely manner. Consequently, companies opening the floodgates to big data without detecting what they’re storing can put themselves at risk for major vulnerabilities. Despite the best attempts at data security best practices, companies are having a hard time keeping up.
“The challenge is, if you look at the sheer quantity of data at a public, cloud-based data center, for example, the attack profiles and capabilities become more sophisticated and complicated,” says Brett Kelsey, vice president and chief technology officer for the Americas for Intel Security. “That becomes part of the problem, because it makes it more difficult to maintain the overall profile.”
Rather than increasing complexity, Intel Security’s approach incorporates the overall ecosystem. “The norm today is that organizations buy independent, disparate solution sets for each of their security components, and then wonder why they don’t talk to each other,” Kelsey says. “Our model is to bring everything together in a unified platform, to make the entire ecosystem smarter every time a particular problem is discovered.”
Sprawl affects security
Through the early 2000s, a data center meant rows of racks filled with servers and devices, connected with cables and wires. “Now, you may see a physical device, but what you can’t see is that it may have 10, 20 or even 100 virtual servers sitting inside it,” Kelsey says.
The security challenges for IT departments arise on a variety of levels:
Virtual technology sprawl — How do you know how many virtual servers you actually have and if they’re all up to date from a security perspective?
Information sprawl — How do you know where information resides and what level of confidentiality needs to be applied?
Data movement — Orchestration, in which a microenvironment can be stood up for a short period of time, offers flexibility — but from an IT security perspective, it’s a challenge to know what data exists, how it’s going to be protected or for how long, as well as who has access.
Shadow IT — “Take a credit card and 15 minutes, and you’re on Amazon with your own environment, putting business-unit level data on it, without the internal controls that a normal IT organization would put in place,” Kelsey says. “In fact, IT may not know that it even exists.” More on how to solve this challenge in our recent article, CIOs Scare the Competition with Hybrid Cloud Orchestration.
To resolve the challenges presented by virtualization, Intel’s solution sets can extend normalized security protection to a corporate data center, a cloud or both and enable them to be managed — again, under one unified platform.
Virtualization does offer several security advantages compared to a purely physical data center. “We’ve created solutions that allow you to create virtualized versions of security that sit down at the level of the hypervisors of the various data center technologies,” Kelsey says. “It’s much easier and faster, and has a greater level of internal security than we’ve ever seen in the physical world.”
Data center security is more important than ever
In particular, the proliferation of data from social media has created its own set of security and privacy ramifications. “The bad guys have unique things they can do to access, track and use data for purposes we’ve never even thought of before,” Kelsey says. “If they can map the overall profiles, they can map your backend information, where you live, who you’re connected to, and eventually getting to financial institutions and other serious types of data. There is as much of a consumer data-center-related problem as there is a corporate one.”
The second aspect that elevates the importance of data center security is the diminishing role played by the network layer. The quantity of encryption between end devices and the connection to the data or data center is growing exponentially, which makes the middle component essentially blind to any form of security controls.
“Let’s say you have cops looking for traffic violations, but they have to sit outside a tunnel,” Kelsey says. “They have no visibility on what people are doing in the tunnel, so they need to see what drivers are doing as they come out either end. In the same way, security controls have to be provided at the data center level and at the endpoint level.”
As an Intel Technology Provider Platinum partner for more than 10 years, Insight has helped clients in all industries to assess and address their data center needs. When it comes time to ramp up the security of your data, contact one of our experienced specialists.