Location: Home/Contact/News

Data Center Cybersecurity Strategies

Protecting the physical infrastructure of a data center is crucial to ensuring the security of the facility's servers, networks, and the data and applications they host. After all, data centers are physical structures with real-world vulnerabilities based on their connections to intelligent HVAC systems, fire controls, electrical equipment, and even security cameras. Any digital device connected to the network within a data center, beyond the central racks of computer equipment and network devices themselves, can be a pathway for cyberattacks.

Data Center Infrastructure Management (DCIM) platforms provide facility managers with the ability to monitor and control the physical infrastructure within a data center. However, these same software platforms can also provide hackers with unauthorized access points to launch unconventional cyberattacks, such as uploading malicious backup files through payloads installed on physical devices. In other cases, attackers might attempt to access and sabotage the data center's cooling systems, causing servers to overheat and fail. Another ongoing threat to data centers is their reliance on Uninterruptible Power Supply (UPS) systems. Due to lax security measures, allowing the change of default usernames and passwords, malefactors can access UPS devices connected to the internet. In 2022, over 20,000 instances of DCIM software, smart monitoring devices, thermal cooling management control systems, and rack power monitors were exposed to the public and vulnerable to cyberattacks. Since then, more than half of data center operators (55%) have reported some form of disruption.

Taking Measures to Protect Data Center Uptime
To prevent cyberattacks on the physical data center, operators must meticulously plan the operational technology (OT) of the facility, including its numerous connected devices and access points. To ensure continuous uptime, facility managers should review security protocols involving key systems for infrastructure management, electrical management, building management, and security management. DCIM software adopts a holistic view to monitor, analyze, and manage the facility's overall power and cooling systems, as well as its server utilization, asset tracking, and other critical functions. OT networks employ dedicated communication protocols and redundant systems to maintain reliability and resilience. Standard security procedures include regularly updating and patching software applications. Another effective measure is network segmentation: the data center OT network should also be separated from the IT network to further enhance security. New tools for data center OT security include one-way gateway technology solutions encapsulated in hardware to maintain one-way data transfer between the two networks, rather than back and forth. The software stores a copy of the active servers and devices from the OT network to share in real-time with the corporate network.

Since hardware can only send data one way, newer attack vectors can never make their way back through the gateway server to the network. Power management systems are crucial for maintaining the continuous uptime of any data center. Attacks on power generation and distribution systems can lead to interruptions or complete power outages. An offline data center faces costly service interruptions, hardware damage, customer data loss, and even potential lawsuits. Another security issue for data centers involves building management systems that control the building environment's temperature, humidity, airflow, and fire suppression. Each device and access point can present opportunities for unauthorized access. Similarly, if the security management systems for video surveillance, access control, and threat detection are compromised, unauthorized individuals may gain access to the control and operation of the data center.

Reducing Risk Begins with Understanding the Consequences
To protect the critical physical infrastructure of data centers from cyberattacks, facility managers must first adopt a robust cybersecurity risk framework as part of their overall security posture. Good cybersecurity risk management begins by translating potential risks into monetary terms, then prioritizing the most severe risks and addressing them. New strategies for reducing risk include Cyber Risk Quantification and Management (CRQM) tools, which can help data center operators assess the total business impact of OT vulnerabilities. CRQM tools thoroughly analyze the impact of any potential cyber event and then prioritize the main sources of risk to mitigate. Cybersecurity assessments can also be enhanced by adding deeper contextual information to the assessment. In this way, data center operators can proactively manage their cybersecurity risk portfolio, prioritize risk mitigation projects, and make more informed cybersecurity investment decisions.

News

Dept.

Contact Us

America
U.S.A.+
  • Add: 2485 Huntington Drive#218 San Marino, US CA91108
  • Tel: +1-626-7800469
  • Fax: +1-626-7805898
Asia
Hong Kong+
  • Address: 1702 SINO CENTER 582-592 Nathan Road, Kowloon H.K.
  • TEL: +852-2384-0332
  • FAX: +852-2771-7221
Taiwan+
  • Add: Rm 7, Floor 7, No. 95 Fu-Kwo Road, Taipei, Taiwan
  • Tel: +886-2-85124115
  • Fax: +886-2-22782010
Shanghai+
  • Add: Rm 406, No.1 Hongqiao International, Lane 288 Tongxie Road,Changning District, Shanghai
  • Tel: +86-21-60192558
  • Fax: +86-21-60190558
Europe
BELGIUM+
  • Add: 19 Avenue Des Arts, 101, BRUSSELS,
  • Tel: +322 -4056677
  • Fax: +322-2302889