Saturday, May 1, 2010

How Data Centers Handling Cyber Terrorism

In previous posts I’ve mentioned about what Cyber terrorism is and explained about different kind of attacks which clients may face with them. Also I’ve described some defensive strategies of prevention from Cyber terrorism.

Yesterdays I was reading a true story about Data centers which exist in all on the world that keep and serve requested information of their clients. Data centers everyday try to serve their clients in a better manner in terms of accessing to information accurately and in a short time.

So in this post I intend to explain more about data centers and their exposure to any cyber terrorism attacks which may happen for data inside this data centers.

Recently, a survey was conducted by data center provider Digital Realty. It revealed that most of the data centers are in expanding mode in the next 2-3 years. They also found out of 300 North American Companies surveyed that 83% plan for data center expansions in the next two years because they need more power.

The recent AFCOM (leading association of data center) survey of 400 data centers revealed that only one-third have considered cyber terrorism as part of the disaster recovery plans, only one-quarter have policies and procedures manuals in place for cyber terrorism, and only one-fifth provide cyber terrorism employee training. Also, end users are keeping close eye on data centers because they are demanding more. They realized how important data centers are and they cannot do good business without them. Customers also expect that the performance of data center never fails or slows down.

There are different technologies and approaches that can be effective against cyber terrorism for Data centers:

1. Physical security: physically breaching the weak security of a data center is far easier for an attacker with little or no technical know-how. So it is extremely important to set-up multiple layers of physical security around your data center to encounter any act of cyber terrorism.

2. Recruit well-trained security personnel: The first layer of security of a data center is having a batch of efficient security personnel deployed at strategic locations. Care must be taken to recruit well-trained security personnel from a reputed security agency

3. Access control systems: The entry point of the data center should have the most stringent access control systems in place to prevent any unauthorized intrusion. There are generally three types of user authentication mechanisms:

ü unique individual passwords like a PIN

ü a tangible document that belongs to the user, like an ATM card or an ID card

ü Biometric authentication based on measurable, unique, physical characteristics of an individual, like fingerprint, voice recognition, face recognition, hand geometry, vascular patterns, retina scan etc.

In conclusion I would like to mention that Security of data in our data center is critical not only for our business but also for overall security of individuals. If data regarding customers in an organization is available to criminals, then this data can be used for identity theft for camouflage. If compromised information is financial in nature then this could fund terrorists.


No comments:

Post a Comment