According to IMB’s recently published The Cost of Data Breach Report, Broomfield’s Noodles and Company lost $10 million owing to a data breach. Personal details such as emails and phone numbers of 530 million people, including that of Mark Zuckerberg were leaked online in the latest Facebook data breach as reported by Forbes.
Cybercrime is reported to have gone up by 600% in the pandemic. There is one place where large data about an organisation is saved, i.e., Data Centers. Data Center Security is a set of procedures, protocols, strategies, and technologies that protects it from virtual as well as physical vulnerabilities.
What damage can a data breach cause?
The CEO of TechLoris, Shayne Sherman has emphatically stated that now is high time when enterprises start taking data center security seriously and prioritise it.
- Loss of reputation and customers- Business is all about giving services one of which is maintaining the privacy of the customers. Data leakage can cause heavy loss of reputation and customers.
- Regulatory violence leading to fines- If you do not meet the standards of data center protection policy, regulatory authorities may suspend your licence or fine you. Some of the important standards that you might want to check- PCI DSS, HIPAA, GDPR, SAE 18 (formerly SAE 16), and ISO 27001: 2013.
- Financial loss of capital- Data breach may make you lose millions of dollars and can significantly affect the performance. Increased rate of downtime and latency can make you lose your business.
Therefore, a data center may be exposed to physical threats and virtual threats both internally and externally. To avoid any unintended accident, data center facilities must take data center cleaning services for smooth functioning. However, there is much more in data center security that meets the eye. Let us take a look step by step.
Step 1 Securing from physical data breach
When security and IT are spelt in one line, people often think only of virtual security. They often take into account physical vulnerabilities in a data center. Cyber attacks and internal data breaches keep them preoccupied.
However, Physical threats are as real as anything. Anthony Levandowski was an engineer at Google. He stole 14,000 files from Google’s server and give them to Uber. The funny thing is that Poneman Institute found that it takes 197 days to know that the company has been robbed.
Step 2: Safe and secure location
This step is crucial for people who have their exclusive data centers and do not rely on cloud data centers, colocation or managed data center. Choosing a secluded place may not be the answer as environmental threats such as water ingress, ventilation, temperature, etc. are to be considered. The place must not be a flood-prone or earthquake-prone area.
Among other things, special measures must be taken to secure it: –
- The room or structure inside which the data center is to be installed must be made of reinforced concrete to protect it from the external breach.
- Server racks, cabinets, and cages must be fastened with bolts to the ground with rust-resistant material and protected with locks.
- Sensors for gauging environmental instability such as a rise in temperature and humidity must be installed with motion sensors.
Cybericus is one of the leading cybersecurity companies. Mark Solo, owner of Cybericus is of the view that physical attacks are not as common as cyber-attacks. But, things like these cannot be ignored.
Step 3. Surveillance and restriction of physical as well as a virtual access
Data is not gold that can be secured by submerging it in tons of concrete or high-end locks. Adequate virtual security measures are to be installed as well. IBM’s report and Ponemon Institute’s Cost of Data Breach Report found that 49% of downtime in data centres was sparked because of human error or technical failure and not cyber attacks.
One of the best things is to install a firewall against hackers and malware. Restriction on access and control of the data centre might also mitigate the risks as per Ross Thomas who is leading the IT team at The SSL Store.
Vladlen Shulepov has mentioned some of the tools for data centre protection: –
- Intrusion detection systems
- IP address monitoring
- Firewalls
Step 4. Keep your eyes peeled for updates
No one can forget the black day in the Information Age when NSA’s EternalBlue exploit was manipulated by hackers to install WannaCry ransomware on some 230,000 computers including U.K.’s National Health System. Microsoft had patched it making their systems secure.
Step 5: Data Backup facility at other location
Hackers are incessantly trying to take advantage of any loose end and enter into government accounts, hospitals, and businesses. It is important to have a backup of data in more than one place. This is what Facebook and Google do to avoid downtime.