Welcome back. This month’s blog is: The 3 Functions of Data Rack Security Compliance. In this week’s blog, we will discuss the 3 Functions and dive into detail on the first Function. In subsequent blogs, we plan to expand and look in detail at each of these 3 Functions. With that said, let’s introduce The 3 Functions of Data Center Security Compliance:
- Cybersecurity
- Physical Network Security
- Operational Security
This week, we will highlight the first of the 3 Functions: Cybersecurity. In today’s world, saying that cybersecurity is at the top of the list for security compliance is a rather obvious statement. That being said, what we will discuss about flaws in almost every cybersecurity strategy is meant to prompt the reader to look at additions to their existing cybersecurity plans. Today, cybersecurity is largely focused on the perimeter of the network, with the intent of keeping the bad guys out of the servers and networking equipment. That is a critical goal and no one should criticize it. But, as Forrester Research points out:
“Data from Forrester’s annual Forrsights security survey shows that insiders (whether through malicious or accidental actions) were more likely than external attackers to be the cause of breach across North American and European enterprises and SMB’s. Once an attacker gets past the M&M shell of today’s networks, he has insider access to all the resources in the network.”
The problem of insider-originated attacks is only growing worse through the BYOD revolution that extends from data centers to network closets to the networks found in every single office facility. In short, if you have a mobile device that is infected with Malware, you will soon have networks infected with Malware. According to Motive Security Labs, the number of Mobile devices infected with Malware now equals that of Windows laptops. This information clearly shows how easily a data center, network closet or office facility can become infected with Malware.
But Malware needs a place to hide in order to do its job effectively. That’s why, according to the Ponemon Institute’s recently released figures for 2014, over 90% of all Malware infections are not even discovered until 90 days after the compromise. We have found that some of the best hiding places in a network are SNMP-enabled rack power and environmental infrastructure. This includes rack PDUs, rack UPSs and rack environmental monitoring systems. All sit in close proximity to servers and data storage systems and, since all SNMP devices communicate easily with one another, an SNMP-enabled server or storage system makes an easy target.
Here is the problem that we have discovered: everyone is focused on protecting the perimeter, some are looking at traffic on the interior, but no one is really focused on the management traffic. It all simply gets a pass. If you try to somehow sort out what is “good” management traffic and what is “bad” management traffic, you get into an endless loop. We believe that we have solved the problem by creating a Smart Firewall that gathers all SNMP data INSIDE the data rack via a secure private port. The Smart Firewall then scans that data for Cyber, Physical and Operational Anomalies and then securely PUSHES all of this data to a management server. In this way, each data rack has its SNMP-enabled infrastructure protected: the management port of each rack device is plugged into a private hub, and that private hub is then plugged into the private port of the Smart Firewall.
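One way to verify that rack management traffic stays on the private segment described above, written as an added example and not the vendor's product code. The addresses, the flow-record layout and the function name are assumptions made for illustration, and the sample flows are constructed.

```python
from ipaddress import ip_address, ip_network

SNMP_PORTS = {161, 162}  # UDP 161: agent queries, UDP 162: traps

# Assumed addressing: the private hub segment and the firewall's private port.
RACK_MGMT_NET = ip_network("10.20.30.0/28")
COLLECTOR = ip_address("10.20.30.1")

# Constructed request-direction flow records: (src, dst, proto, dst_port).
SAMPLE_FLOWS = [
    ("10.20.30.1", "10.20.30.4", "udp", 161),    # collector polls a PDU
    ("10.20.30.5", "10.20.30.1", "udp", 162),    # UPS sends a trap to the collector
    ("10.20.30.4", "10.20.30.5", "udp", 161),    # PDU queries the UPS
    ("192.168.7.22", "10.20.30.6", "udp", 161),  # outside host polls a sensor
    ("10.20.30.4", "192.168.7.22", "udp", 162),  # trap sent off the segment
    ("10.20.30.1", "172.16.0.10", "tcp", 443),   # upstream push, not SNMP
]

def audit_snmp_flows(flows, mgmt_net=RACK_MGMT_NET, collector=COLLECTOR):
    """Return SNMP flows touching the rack segment that bypass the collector."""
    findings = []
    for src, dst, proto, dport in flows:
        if proto != "udp" or dport not in SNMP_PORTS:
            continue  # only SNMP management traffic is audited here
        s, d = ip_address(src), ip_address(dst)
        s_in, d_in = s in mgmt_net, d in mgmt_net
        if not (s_in or d_in):
            continue  # SNMP that does not involve this rack
        if s_in and d_in and collector in (s, d):
            continue  # expected: collector <-> rack device on the private hub
        if s_in and d_in:
            reason = "device-to-device SNMP inside rack"
        elif d_in:
            reason = "SNMP entering private segment from outside"
        else:
            reason = "SNMP leaving private segment"
        findings.append((src, dst, dport, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_snmp_flows(SAMPLE_FLOWS):
        print(finding)
```

Any finding means a rack device's SNMP agent is reachable by, or talking to, something other than the single collection point.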
You can then manage from the server by having access to the data that comes from the SNMP ports of each device in each rack. In order to ensure the security of the server, we provide a digital certificate-based system to which only a trusted individual can have access. At the end of the day, you get all the SNMP data that you want, you have it presorted by our own systems analytics (say goodbye to setting all those alarm set points by hand) and you get instant notification for any statistically significant event on your IOS device.
Please think about how you are managing the Cybersecurity function in your organization. If you have given a pass to SNMP data traffic, please realize that you have given an easy entrance into your data storage systems. That is where our product shines, by protecting all your critical SNMP-based systems, while still allowing you to get all the data that you need to remotely manage those systems.
Please think about this and, until next time,