The biggest headache that keeps CIOs and IT managers up at night is data center security. Data centers around the world are being continuously bombarded by malware and cyber criminals seeking a chink in the enterprise armor that will give them access to proprietary data that they can turn into profits. What worries the IT gatekeepers is whether their security is adequate and whether they can keep the barbarians from the gate. They ask themselves the same questions over and over again, but are they the questions they should be asking about their cyber security?
First, consider that total security against cyber attack is almost impossible, so it’s not a matter of if you will be hacked but when. Once you understand that you can’t plug all the leaks all the time, you have to approach enterprise security in two ways: 1) preventing a data breach, and 2) minimizing the impact when a data breach occurs. Solution providers can play an instrumental role in both incident prevention and response.
According to a research study by IBM and the Ponemon Institute, the cost of a cyber breach increased 23 percent over the last two years to an average of $3.79 million. The average cost of losing a record with confidential data climbed from $145 in 2014 to $154 in 2015. When helping customers develop a security strategy and a disaster response plan, the objective needs to be to minimize the potential for data compromise to reduce the cost of a data breach.
So what questions should you be asking your data center customers to help them formulate a security strategy? Here are six questions to consider:
What have you got to lose?
The first step is to identify where the sensitive data and IP reside. If the data center were to be hacked, or the enterprise infrastructure were compromised, what would a cyber thief be likely to uncover? Attackers do more than sniff passwords and identify ways to break into the network, so you want to make sure to protect the data that matters. Lock up the crown jewels in a secure location and protect them with extra security such as two-factor authentication.
What protective measures do you have in place?
Assess the current security strategy, including firewalls, authentication strategies and password and credential management. What protections are already at work, and where can they be strengthened? Once you have an inventory of current security measures, it will be clearer where additional protection may be required.
Do you want to protect the data or the data repository?
It’s not uncommon for enterprise security to focus on protecting the castle walls. Data can be secured behind firewalls or on servers with hardened security, but using that approach alone does only part of the job, and it limits where and how you can store sensitive data. For example, more companies are putting sensitive information on the cloud for secure access from multiple locations and to facilitate disaster recovery. If you protect the data as well as the data repository, you have a better chance of preventing a cyber breach. Apply proven data encryption and authentication strategies to protect data in transit as well as data at rest.
Have you considered the human factor?
People are the biggest threat to any data center or data network. You can have the best security technology available, but the locks are useless when employees leave keys like passwords on paper taped to their monitor. The biggest threats to network security are disgruntled employees and worker carelessness. Any security strategy has to include rigorous employee training in simple security protocols. It also requires taking steps such as changing passwords on a regular basis and being diligent about changing credentials for departing employees. IT needs to work closely with HR on employee training and system provisioning. Also, be wary of trade partners and suppliers. More companies are using electronic B2B transfers, which could expose access to sensitive network resources.
Have you done a security audit?
Every company should audit its security protocols regularly. This is where a solution provider or integrator can play a critical role. Companies should not be tasked with grading their own security. This is a task better left to outside experts who can perform an audit and present an unbiased scorecard with recommendations. In fact, most security problems go undetected for months and are often uncovered by a third party. A security audit is not a one-time event, but should be conducted regularly, because security requirements change.
What is your security remediation strategy?
Remember that it’s not if an enterprise will have a data breach but when. Have an emergency response plan in place. Be prepared to change credentials and lock down the system; have a protocol in place to determine what data might have been compromised; and be sure that you have all the right parties, including the executive team, on an emergency contact list with instructions to take immediate action. There are any number of responses that can be triggered by a data breach. For example, 47 states, the District of Columbia, Guam, Puerto Rico and the U.S. Virgin Islands have laws that require that consumers be notified of a data breach where personally identifiable information is exposed.
No organization should tackle security alone. There is too much room for error and too many areas where security weaknesses can be overlooked. Solution providers, integrators, consultants and even experts such as Ingram Micro can offer advice; provide an unbiased, outside view of systems security; and help customers develop a comprehensive security and remediation strategy.