FEATURE
Higher network visibility will provide greater
communication flow between network
operations and security operations teams
and will make it possible to proactively identify and
mitigate threats. At the same time, workloads
tend to fluctuate, and organisations may not
be prepared to scale, which can hinder
the security environment. This calls
for strong network performance
monitoring tools that help reduce threats
by alerting security teams to any irregular
network behaviour.
While a lot is being done by data centre
owners to ensure that the networks,
servers and endpoint devices are secured,
there is also a need to pay heed to other
aspects of security that include the
cooling and heating systems, power
supplies and the security systems.
Mathivanan Venkatachalam, Vice President, ManageEngine
Digital transformation in the Middle
East is on the rise, sparking the need for
data governance and security. Last year,
Gartner predicted that the region would
reach US$155 billion in IT spending, up
3.4% from 2017, the highest increase for
the region in the previous three years.
Cybersecurity has become a top priority
for organisations as the average cost of a
data breach across the globe was US$3.86
million in 2018. To mitigate these threats,
data centres need to have robust security
policies in place, improve their cyber-
resilience and implement stronger security
measures to ensure their customers’ data
is secure.
Data centres collect and store massive
volumes of data from multiple sources,
which makes them an attractive target
for cybercriminals. DDoS attacks, web
application attacks such as SQL injection
and cross-site scripting (XSS), disruption
of access to DNS servers or poisoning
of DNS caches in a data centre, users
being prevented from accessing vital
services, brute-force attacks due to weak
passwords and SSL-induced security
vulnerabilities are some of the methods
used by cybercriminals to steal data or
take the servers offline.
Cyber-resilience mitigates attacks
Given these threats to the data
centre network infrastructure, here
are some best practices to help defend
against cybercriminals.
Monitor the firewall: IT admins need
to regularly monitor and analyse their
firewall’s syslogs and configurations, and
optimise its performance to protect the
network. Efficient syslog analysis can help
identify security threats in real time and
effective policy management can help
prevent DNS spoofing, DDoS attacks and
web application attacks.
Don’t stop monitoring at the firewall: To
gain insights into potential threats and
stop them before they turn into an attack,
IT admins need to also look into other
log-generating devices in the network
such as routers, switches, IDSs, and
IPSs, application servers, databases and
web servers. It is critical to correlate and
analyse logs from all these sources to find
security events of interest, such as user
access, unusual activities, user behaviour
anomalies, policy violations, internal
threats, external attacks and data theft. A
thorough analysis will help in preventing
security attacks.
Encrypt and inspect your data traffic:
Huge volumes of data travel between
data centres and to protect this data from
being intercepted, security admins need
to use strong data encryption, and inspect
outbound SSL traffic from internal users,
as well as inbound SSL traffic to corporate
servers, to identify any suspicious
traffic. A combination of encryption and
monitoring can save data centres from
attacks exploiting SSL-induced security
blind spots.
Issue 01
Keep an eye on configuration changes: The
key to efficient network management is
using an end-to-end change management
tool to track and record all configuration
changes made to network devices. Apart
from this, security admins also need an
alerting system that notifies them of all
configuration changes in real time.
Set up stringent authentication control:
Deploying a secure, centralised vault for
password storage and access plays a key
role in eliminating password fatigue and
security lapses. Automating frequent
password changes and generating real-
time alerts on password access help keep
brute-force attacks in check.
Finally, conducting regular security audits
and running regulatory compliance
reports to identify and correct security
vulnerabilities play a key role in keeping
data centres secure from attacks. ◊
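
The advice above to correlate logs from the firewall and from other devices can be illustrated with a short Python example. It is added here and is not code from the article or from ManageEngine. The log lines, host names, assumed year and the threshold of three failures in five minutes are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in BSD-syslog style: hypothetical hosts, documentation-range IPs.
SAMPLE = """\
Mar 10 02:14:01 fw01 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=10.0.0.5 PROTO=TCP DPT=3306
Mar 10 02:14:05 web01 sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2
Mar 10 02:14:09 web01 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 50124 ssh2
Mar 10 02:14:30 db01 sshd[402]: Failed password for root from 203.0.113.7 port 50130 ssh2
Mar 10 02:15:02 db01 sshd[402]: Accepted password for root from 203.0.113.7 port 50141 ssh2
Mar 10 09:00:11 web01 sshd[900]: Failed password for alice from 198.51.100.20 port 40100 ssh2
Mar 10 09:00:19 web01 sshd[900]: Accepted password for alice from 198.51.100.20 port 40102 ssh2
"""
LINE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) (\S+) (.*)$")
RULES = [  # (event kind, pattern capturing the source IP)
    ("deny", re.compile(r"\bDROP\b.*\bSRC=(\S+)")),
    ("fail", re.compile(r"Failed password for .* from (\S+) port")),
    ("ok", re.compile(r"Accepted password for .* from (\S+) port")),
]

def parse(text, year=2019):
    """Yield (time, host, kind, src_ip); syslog omits the year, so it is assumed."""
    for m in filter(None, map(LINE.match, text.splitlines())):
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        for kind, rx in RULES:
            hit = rx.search(m.group(3))
            if hit:
                yield ts, m.group(2), kind, hit.group(1)
                break

def correlate(text, threshold=3, window=timedelta(minutes=5)):
    """Alert on IPs with >= threshold failed logins inside the window, counted
    across every host, and attach firewall denies and any login that follows."""
    by_ip = defaultdict(list)
    for ev in sorted(parse(text)):
        by_ip[ev[3]].append(ev)
    alerts = {}
    for ip, evs in by_ip.items():
        fails = [e[0] for e in evs if e[2] == "fail"]
        for first, last in zip(fails, fails[threshold - 1:]):
            if last - first <= window:
                alerts[ip] = {
                    "hosts": sorted({e[1] for e in evs}),
                    "denied_at_firewall": any(e[2] == "deny" for e in evs),
                    "login_after_failures": any(
                        e[2] == "ok" and last <= e[0] <= last + window for e in evs),
                }
                break
    return alerts
```

Calling `correlate(SAMPLE)` flags only 203.0.113.7: neither server sees three failures on its own, so the pattern shows up only when the firewall and both servers' logs are read together.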
www.intelligentdatacentres.com