The data center is the brain and nerve center of the enterprise, the place where its most precious resources are housed. This makes it a highly valuable target for cybercriminals—with big money to be made in the extortion of companies through malware attacks. Just last month, for example, over 160 Applebee’s restaurants in the U.S. were hit by a malware attack on their point-of-sale (POS) systems—and the chain is still assessing the damages.
Today, with data breaches constantly making headlines, it’s more important than ever for your customers to take precautions to secure their data centers. Here are 5 critical areas they should invest in:
- Physical security
Controlling access is an essential first step in preventing data center security breaches. This can take many forms: requiring badges, key cards or codes for entry into the facility; installing video surveillance technology; and/or erecting locked cages to house servers.
- Server security
This can be accomplished through appliance encryption or the use of scanning technology to ensure that data goes to the appropriate recipients and is properly encrypted. Data center managers need to take added precautions to address security concerns related to server virtualization—issues like how to ensure that hypervisors are locked down and any additions, deletions and moves are properly safeguarded. Compartmentalizing applications, Web services, application services, database services into physically separate racks is a good way to prevent data linkage or spillage.
- Security information and event management (SIEM) tools
With networks continuing to grow in size and complexity, there’s a critical need for centralized, easy-to-access monitoring tools. Instead of a security monitor having to open multiple apps and attempt to tie together different alerts, SIEM provides management, integration, correlation and analysis all in one place. A variety of vendors, including IBM, McAfee, Micro Focus and others, now offer SIEM systems designed to help an organization maintain an optimal security posture.
- IT personnel trained in security
Every organization needs to have a core group of professionals that know how to develop and implement a basic security framework—a set of cybersecurity procedures and processes that reflect the latest thinking and best practices.
- Security training for end users
Employees need to know how to identify threats and minimize vulnerabilities. They can serve as a valuable first line of defense if they have the knowledge and tools.
Investing in these five areas can help ensure that your customers have the proper defenses in place to protect their mission control centers—the place where data lives and where business-critical operations are spearheaded.