November 5-7, 2019: ICT & Logistics
Colocation: security within a data center
The importance of securing company data
Online privacy and the protection of personal data have recently been much discussed topics. The business network is an essential foundation of the organizational infrastructure because a large part of all business activities take place through this network. Consider, for example, the storage of company data, customer data and the exchange of financial transactions.
Nowadays, there is an increasing threat of external cyber-attacks by hackers and criminals. The consequences of a cyber-attack can be major for an organization. Such attacks can lead to financial damage due to the theft of financial resources, reputation damage and the loss of customers and income. Securing company data is therefore essential.
Cyber-attacks occur in various shapes and sizes. These attacks can be aimed at the network, hardware and software. Cyber-attacks can vary from, for example, a computer virus or a hack to a DDoS attack.
For example, several cases recently emerged where Chinese hardware appeared to contain eavesdropping chips and malware. Several news media reported that the Chinese government had placed tiny bugs in Supermicro’s servers. Supermicro’s servers were used in Apple and Amazon data centers, among others. The Chinese concern Huawei was also previously accused of espionage through software. The US has even blacklisted Huawei, as a result of which US companies are not allowed to do business with the Chinese concern. A report by a task force also appeared in the Netherlands in which vulnerabilities in the networks of Dutch telecom providers were investigated. No additional restrictions are currently being imposed on Chinese equipment in the Netherlands. But according to the AIVD, providers must take extra measures to prevent espionage taking place via networks.
To limit the risk of a cyber burglary, the equipment on which mission-critical applications run must meet the highest security requirements. In addition, it is also important that both the physical IT environment and the network environment where this equipment is located are maximally protected.
Data centers and security
With colocation (also known as “colo”), organizations place their hardware at an external location. This location is located outside of the company premises in an external data center and is therefore “co-located”. Organizations can rent racks in a server room for their physical hardware such as servers and network equipment in a data center. Read more about the benefits of colocation.
The protection of data centers consists of a series of policies, precautions and physical security measures to prevent unauthorized access to the equipment (and the applications running on it) within a data center. These measures usually go further than the security measures of regular business premises. The data center, as an important primary source of data storage for organizations, must make dedicated security efforts to protect the critical equipment of their customers. It is important for organizations to check which requirements and certifications the data center meets.
Today, securing your data is more important than ever. Data centers (in cooperation with third parties) offer different solutions to protect networks against cyber threats. A number of examples are antivirus and antispam solutions, firewalling, anti-DDoS solutions and VPN
Antivirus and antispam solutions
These solutions protect your computer systems against viruses, spam, spyware and malware. There are various software solutions for this.
A firewall blocks data traffic that is not welcome within a network. Security rules within a firewall ensure that the traffic, which is allowed or not, is filtered.
When using MPLS, data is exchanged within a closed infrastructure, and not via the public internet. This is managed by an MPLS provider and is therefore not visible to external parties. This makes the network practically untraceable for hackers.
DDoS stands for Distributed Denial of Service. A DDoS attack aims to make a server, service or infrastructure inaccessible by sending a lot of bandwidth to a server. The server becomes overloaded and therefore slow or unreachable for legitimate traffic. An anti-DDoS solution can detect and block DDoS attacks so that a server remains accessible.
VPN stands for Virtual Private Network. This network is protected by encryption. Via a secure VPN connection, external computers can connect to a local network, such as a corporate network.
The General Data Protection Regulation (GDPR), the new European data protection law, came into force on May 25, 2018. There are various certifications that indicate whether data centers meet these standards. For example, NEN 7510 and ISO 27001 are standards for information security. The ISO 27001 certification concerns the establishment, implementation, implementation, control, assessment, maintenance and improvement of a documented management system. The NEN 7510, a Dutch standard regarding information security, is an addition to this.
Michiel van der Donck, Security Officer at Smartdc, talks in an interview about information security. Read more.
In addition to redundant power supply, cooling and fire protection, physical protection is one of the four foundations of colocation services. By means of various physical security designs, data centers make sure that only authorized access to the colocation space takes place. For this, several security layers are applied, these are provided with organizational and electronic security measures.
Read more about the security within Smartdc here.
In the following weeks we will dive deeper into a series of blogs about the security aspects that come with data storage, data centers and networks.