Everywhere we turn we seem to be hearing about another cyber attack. Sensitive customer information, compromised. Angry businesses. Concerned customers. It is a major problem and it is one that data centers must be supremely aware of and vigilant in protecting against since facilities have access to and store so much sensitive information. Data centers must protect networks, applications and end points from highly sophisticated, ever-evolving threats.
Protection techniques vary by each location depending on the size of the facility, the information it stores, and the specific needs of their clients. But, in the end, all data facilities need to be actively preventing cyber attacks through a variety of means and approaches. There are intrusion prevention systems that can be implemented by any data center that are scalable and designed to protect against the most current threats. Data Center Dynamics explains why security must be uniquely designed for the data site, technology-driven, and innovative to truly protect data centers from potential threats, “Many Internet-edge security solutions, like next-generation firewalls, are being inappropriately positioned in the data center where the need is visibility and control over custom applications, not traditional web-based applications, and the systems that keep them operational. Security must be integrated into the data center fabric, in order to handle not only north-south (or inbound and outbound) traffic, but also east-west traffic flows between devices, or even between data centers. Security also needs to be able to dynamically handle high-volume bursts of traffic to accommodate how highly-specialized data center environments operate today. And to be practical, centralized security management is a necessity. Today’s data center environments are highly dynamic and security solutions must be as well. As they evolve from physical to virtual to next-generation SDN and ACI environments, data center administrators must be able to easily apply and maintain protections… They must also be intelligent, so that administrators can focus on providing services and building custom applications to take full advantage of the business benefits these new environments enable, without getting bogged down in administrative security tasks, or risking reduced levels of protection… Traditional data center security approaches offer limited threat awareness – especially with regards to custom data center applications and the SCADA systems that keep them running 24×7. They typically deliver limited visibility across the distributed data center environment and focus primarily on blocking at the perimeter. As a result, they fail to effectively defend against the emerging, unknown, threats that are targeting them. What’s needed is a threat-centric approach to holistically secure the data center, that includes protection before, during, and after an attack – one that understands, and can provide protection for, specialized data center traffic and the systems that keep them running. With capabilities like global intelligence, coupled with continuous visibility, analysis, and policy enforcement across the distributed data center environment, administrators can gain automation, with control, for the protection they need. Advanced attackers are infiltrating networks and moving laterally to reach the data center. Once there, the goal is to exfiltrate valuable data or cause disruption. Data center administrators need technologies that allow them to be as ‘centered’ on security as attackers are on the data center.” Protection must be multi-level and provide protection, contingency and backup for multiple-stages of a potential attack. While implementation of such protection may be time-consuming and costly, it is far better than having a massive cyber attack that compromises senstive customer information or that forces your data center into prolonged downtime. Through better protection and an ever-evolving approach based on the most current information about cyber threats , customer trust is protected and business can continue to not only function but thrive.
