Intelligent Data Centres Issue 01 | Page 34

Higher network visibility will provide greater communication flow between network operations and security operations teams and will be able to proactively identify and mitigate threats. Simultaneously, workloads tend to fluctuate and organisations may not be prepared for scalability, which can hinder the security environment. This calls for strong network performance monitoring tools to help reduce threats by alerting security teams of any irregular network behaviour. While a lot is being done by data centre owners to ensure that the networks, servers and endpoint devices are secured, there is also a need to pay heed to other aspects of security that include the cooling and heating systems, power supplies and the security systems.

Mathivanan Venkatachalam, Vice President, ManageEngine

Digital Transformation in the Middle East is on the rise, sparking the need for data governance and security. Last year, Gartner predicted that the region would reach US$155 billion in IT spending, up 3.4% from 2017, the highest increase for the region in the previous three years.

Cybersecurity has become a top priority for organisations as the average cost of a data breach across the globe was US$3.86 million in 2018. To mitigate these threats, data centres need to have robust security policies in place, improve their cyber-resilience and implement stronger security measures to ensure their customers' data is secure.

Data centres collect and store massive volumes of data from multiple sources, which makes them an attractive target for cybercriminals. DDoS attacks, web application attacks such as SQL injection and cross-site scripting (XSS), disruption of access to DNS servers or poisoning of DNS caches in a data centre, users being prevented from accessing vital services, brute-force attacks due to weak passwords and SSL-induced security vulnerabilities are some of the methods used by cybercriminals to steal data or take the servers offline.

Cyber-resilience mitigates attacks

Given these threats to the data centre network infrastructure, here are some best practices to help defend against cybercriminals.

Monitor the firewall: IT admins need to regularly monitor and analyse their firewall's syslogs and configurations, and optimise its performance to protect the network. Efficient syslog analysis can help identify security threats in real time and effective policy management can help prevent DNS spoofing, DDoS attacks and web application attacks.

Don't stop monitoring at the firewall: To gain insights into potential threats and stop them before they turn into an attack, IT admins need to also look into other log-generating devices in the network such as routers, switches, IDSs and IPSs, application servers, databases and web servers. It is critical to correlate and analyse logs from all these sources to find security events of interest, such as user access, unusual activities, user behaviour anomalies, policy violations, internal threats, external attacks and data theft. A thorough analysis will help in preventing security attacks.

Encrypt and inspect your data traffic: Huge volumes of data travel between data centres and to protect this data from being intercepted, security admins need to use strong data encryption, and inspect outbound SSL traffic from internal users, as well as inbound SSL traffic to corporate servers, to identify any suspicious traffic. A combination of encryption and monitoring can save data centres from attacks exploiting SSL-induced security blind spots.

Keep an eye on configuration changes: The key to efficient network management is using an end-to-end change management tool to track and record all configuration changes made to network devices. Apart from this, security admins also need an alerting system that notifies them of all configuration changes in real time.

Set up stringent authentication control: Deploying a secure, centralised vault for password storage and access plays a key role in eliminating password fatigue and security lapses. Automating frequent password changes and generating real-time alerts on password access helps keep brute-force attacks in check.

Finally, conducting regular security audits and running regulatory compliance reports to identify and correct security vulnerabilities plays a key role in keeping data centres secure from attacks.

www.intelligentdatacentres.com
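
The cross-source correlation described under "Don't stop monitoring at the firewall", as an added example that is not from the article or from any ManageEngine product: it joins firewall syslog denies with failed logins on servers by source address and flags addresses that show both within a short window. The log formats, host names, addresses, window and threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logs in a simplified, assumed format (not a real device's output).
FIREWALL_LOG = """\
2019-01-10T02:14:01 fw01 action=deny src=203.0.113.7 dst=10.0.0.5 dport=23
2019-01-10T02:14:09 fw01 action=allow src=203.0.113.7 dst=10.0.0.5 dport=22
2019-01-10T02:20:00 fw01 action=deny src=198.51.100.4 dst=10.0.0.9 dport=445
"""
AUTH_LOG = """\
2019-01-10T02:14:30 app01 sshd: Failed password for root from 203.0.113.7
2019-01-10T02:14:41 app01 sshd: Failed password for admin from 203.0.113.7
2019-01-10T02:15:02 db01 sshd: Failed password for root from 203.0.113.7
2019-01-10T02:16:00 app01 sshd: Accepted password for alice from 192.0.2.10
2019-01-10T09:00:00 app01 sshd: Failed password for bob from 192.0.2.44
"""

FW_RE = re.compile(r"^(\S+) (\S+) action=deny src=(\S+)")
AUTH_RE = re.compile(r"^(\S+) (\S+) sshd: Failed password for \S+ from (\S+)")

def parse(log, pattern, kind):
    """Yield (time, host, src_ip, kind) for every line matching pattern."""
    for line in log.splitlines():
        m = pattern.match(line)
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2), m.group(3), kind

def correlate(fw_log, auth_log, window=timedelta(minutes=5), min_failures=3):
    """Flag source IPs with a firewall deny and >= min_failures failed logins
    that all fall inside one time window; report which hosts were hit."""
    events = defaultdict(list)
    for ev in list(parse(fw_log, FW_RE, "deny")) + list(parse(auth_log, AUTH_RE, "fail")):
        events[ev[2]].append(ev)
    alerts = {}
    for src, evs in events.items():
        evs.sort()  # chronological order per source address
        for i, start in enumerate(evs):
            in_win = [e for e in evs[i:] if e[0] - start[0] <= window]
            fails = [e for e in in_win if e[3] == "fail"]
            if len(fails) >= min_failures and any(e[3] == "deny" for e in in_win):
                alerts[src] = sorted({e[1] for e in fails})
                break
    return alerts

if __name__ == "__main__":
    for src, hosts in correlate(FIREWALL_LOG, AUTH_LOG).items():
        print(f"ALERT {src}: firewall deny plus repeated failed logins on {hosts}")
```

Neither log alone singles out 203.0.113.7 here: the firewall shows one deny each for two addresses, and the per-host failure counts stay low until app01 and db01 are combined.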