Security Buyer takes a look at the growing importance of incorporating cybersecurity and AI driven capabilities into physical security at datacentres
Trusting your data to a 3rd party landlord can be a significant risk. With open cages, unprotected meet rooms, and no remote surveillance, all it takes to bring down your network is an intruder plugging in a USB drive. Multilayered security solutions close security gaps by protecting physical assets with real-time monitoring and response management, eliminating both physical and cyber intrusion risks.
It’s time for CIOs and CISOs to work together. With the widespread adoption of IoT and IIoT devices, we’ve entered into a new era of hybrid attacks that blur the lines between physical and cybersecurity.
2019 was the worst year on record for data breaches so far. 2019 saw an increase of 33% from the year before for an alarming total of 5,183 separate data breaches that left 7.9 billion records exposed. CNET even rounded up a “2019 Data Breach Hall of Shame.”
No company wants to be the next Equifax. Or the next Marriott, who in January 2019 announced that the records of 383 million guests – including some passport numbers and credit card information – had been hacked.
With over 175 zettabytes of data expected by 2025, enterprise datacentres are one of the largest and fastest growing markets in the world. In the wake of these embarrassing catastrophes, enterprise level companies with datacentres have rushed to try and find the latest cyber security technologies promising protection.
One of the most important aspects of security sometimes remains overlooked: the physical layer of these datacentres (Layer 1). The actual fibre optic cables transmit this data, making it possible for millions to make financial transactions and surf the net, are not safeguarded properly in the majority of datacentres. In order to regain and keep the trust of their customers, companies are going to have to address their Layer 1 security.
Current datacentre physical security standards are not stringent enough. Datacentres today focus on digital forms of prevention, surveillance, and fortification. They routinely use encryption and firewalls as their primary forms of data protection. They may additionally require the use of virtualised private networks and personnel training on common digital scams.
Digital intrusion and detection systems include monitoring the number of service requests, the number of users with elevated rights accessing the system, the movement or extraction of large datasets, and an increase in phishing attempts.
To address the physical layer, most enterprise datacentres employ small armies of technicians, security guards, CCTV cameras, gates, and biometric readers. Some also run regular audits to determine weaknesses. The problem is, the current industry standards for protecting the physical layer are often a) an afterthought and b) not enough to prevent service interruption and malicious attacks.
Your data’s level of encryption means nothing if your entire network can be downed because of damage to the network’s critical physical infrastructure. The overwhelming task of connectivity is threatened by a single bump, intrusion, or cut of a cable, regardless of the firewalls and encryption equipped to protect the actual digital data.
Data can also be stolen with encryption. What’s worse, if insufficient surveillance allows a bad actor to steal your data without your knowledge, they’ll have as much time as they need to crack your encryption.
The only way to provide true security to your datacentre is to combine cyber and physical security. When you can centrally manage surveillance, detection, and response, your customers’ data is secure.
Unified cyber-physical protection, or UCP, secures critical infrastructure from physical attacks by addressing the major cyber-physical vulnerabilities specific to enterprise datacentre environments. UCP is a combination of best of breed hardware and software components that provide continuous surveillance and automatic inspections to cut down costs over time and eliminate errors. It is fully compliant with NIST datacentre physical security requirements.
IoT or AI driven surveillance can provide real-time data from state-of-the-art sensors in order to monitor, identify and prevent major outages due to physical disruption or tampering for both Inside and outside plant environments. These new technologies are sophisticated enough to discern false alarms and provide real-time analysis of the severity of any intrusion through a real-time dashboard that’s remotely accessible.
Hacking, malware and spyware are the obvious threats to data stored in a datacentre.
A security information an…
To read more news and exclusive features see our latest issue here.