FEATURE
Seamless recovery – The larger a
company, the more complex a full
recovery can be. Relying on a traditional
backup solution gives your IT department
the full responsibility for data retention
and infrastructure examination. system because there are dependencies
on older software versions you would
never have even thought of. Sometimes
the OS is so dated it might no longer have
active support available and security
patches simply don’t exist anymore.
Industry experts offer their views
on the most significant modern
threats and what can be done
about them. For example, with backdoors on systems
that are facing the Internet, attackers
are able to launch web attacks like SQL
injection, cross-site scripting or cross-
site request forgery to gain access to
sensitive data.
Felix
Rosbach,
Product
Manager at
Felix
Rosbach,
Product
comforte
AG at comforte AG
Manager
With an ever-increasing attack surface,
security is a constant struggle for data
centres. While IoT enables us to analyse
data like never before, every device
represents a potential attack vector.
Aside from DDoS attacks and other
methods of sabotage, the most painful
type of cyberattacks are the ones
involving theft of sensitive data. Stolen
data is not only problematic in terms of
reputation and losing IP, in the age of
GDPR it can also result in very hefty fines.
There are two main problems:
First is malicious software: this is a battle
that is extremely hard to win, especially
with the digital workplace and smart
devices connected to your data centre.
Second are backdoors: the bad guys always
seem to find a way to get in somehow.
Sometimes systems aren’t patched or
it’s simply impossible to patch a legacy
You can do a lot to protect your network
with classic perimeter defence.
Firewalls, intrusion detection systems,
patching unpatched systems, identifying
servers that are listening on unwanted
service ports – these things are still
important. The days of ‘never touch a
running system’ are way over – now it’s
‘you’d better touch a running system.’
But even if you buy every security solution
possible you will never be 100% secure.
These only protect you against known
attack methods. But the more connections
you have, the more complex your network
is, the less effective is it to build a wall
around it. Moving to the cloud, connecting
to IoT and having digital workplaces in your
enterprise only complicate the situation.
The way to go forward is to implement
sophisticated identity access management
in combination with data-centric security.
With that combination you make sure that
only the right people get access and, if
somehow the wrong people still manage
to gain access, they can’t use the data.
Sachin Bhardwaj, eHosting DataFort,
Sachin Bhardwaj, eHosting
Director,
Marketing
and Business
DataFort,
Director,
Marketing
Development
and Business Development
The increasing use of Big Data and the onset
of the Internet of Things has only added
to the intensity of the need to prioritise
cybersecurity within data centres. One is
also mindful of the ongoing regulations and
compliance needs that have shot up.
This sets the pace for a far more holistic
approach to cybersecurity which
32
Issue 01
comprises of a well-rounded security
strategy that involves both governance
and the operations angles. It includes
a combination of information security,
information system security as well as
physical security. And the framework
must be in a strong position to identify,
protect, detect, respond as well as
recover data.
At a time when attacks are only getting
to be more sophisticated and increasing
in numbers, there is evidently a gap in
the requisite security professionals where
www.intelligentdatacentres.com