By Richard Pain, with contributions by David Linthicum, Sarah D. Scalet and Tom Gillis
This article is sponsored by Telin Singapore
Twice every year, data centre provider Telin Singapore hosts a landmark gathering of technology experts, its customers and partners, to garner their viewpoints and current requirements regarding the current state of the cloud and colocation data centres.
This event aims to broaden and deepen Telin Singapore’s understanding of the industry so it can provide better services in various areas, including provisioning, security, and managed services options.
The next roundtable, scheduled for November 2017, aims to address what exactly is a secure data centre? Is it the physical premises, the security hardware, the software, or the operating procedures that make a data centre security?
To provide some food for thought in advance of the event, we have gathered views of CIO Asia’s extended network of IT security experts and contributors. Here’s what they had to say:
The Latest Cyber Attacks show why the Cloud is Safer by David Linthicum, InfoWorld
Computer systems from the Ukraine to the United States were affected by the Petya cyber-attack earlier this year, similar to the WannaCry ransomware before it.
The WannaCry ransomware took advantage of vulnerabilities in the older versions of Windows that allowed the infection to spread. All someone needed to do was click a malicious link and—bang!—they were infected. That is, if they hadn’t installed the patches and updates.
These attacks are a reminder of why the cloud is a safer place to do your computing.
Using the cloud makes you less likely to get attacked and breached. The layers of security in the cloud are more than a deterrent for most attacks. The cloud providers proactively monitor these clouds, and they quickly spot and quickly block them. And they automatically apply operating system, application, and service patches and fixes are automatically behind the scenes.
Extremely few IT organizations do the same. The cost of security is just too much for most enterprises to bear, and most can’t keep up with all that needs to be done to keep their systems and users secure enough from WannaCry, Petya, and other malware that shut down systems.
Whilst the cloud can suffer from outages, yes, just like enterprise IT systems. But no major cloud provider has fallen victim to all the malware attacks of the last few years. What does that tell you?
Physical Data Centre Security Measures by Sarah D. Scalet, Senior Editor, CSO
There are plenty of complicated documents that can guide companies through the process of designing a secure data center, but what should be the high-level goals for making sure that security for data centers is built into the designs, instead of being an expensive or ineffectual afterthought?
Redundancies: Data centers need two sources for utilities, such as electricity, water, voice and data. Trace electricity sources back to two separate substations and water back to two different main lines. Lines should be underground and should come into different areas of the building, with water separate from other utilities. Use the data center's anticipated power usage as leverage for getting the electric company to accommodate the building's special needs.
Use two-factor authentication: Biometric identification is becoming standard for access to sensitive areas of data centers, with hand geometry or fingerprint scanners usually considered less invasive than retinal scanning. In other areas, you may be able to get away with less-expensive access cards.
Harden the core with security layers: Anyone entering the most secure part of the data center will have been authenticated at least three times, including:
At the outer door. Don't forget you'll need a way for visitors to buzz the front desk.
At the inner door. Separates visitor area from general employee area.
At the entrance to the "data" part of the data center. Typically, this is the layer that has the strictest "positive control," meaning no piggybacking allowed.
Other physical security precautions can include:
Using landscaping for protection
Retractable crash barriers at vehicle entry points.
Using plenty of cameras and planning for bomb detection
Whilst these extra precautions can be expensive, they're simply part of the cost of building a secure facility that also can keep humming through disasters.
Encryption is the Foundation of the New Data Center by Tom Gillis, Contributor, Network World
For decades, encryption was an arcane art. Encryption was slow, clunky and highly complex, and as a result, the vast majority of data in the data center resides on storage systems in the clear. Sensitive data has historically been protected by IP segmentation and firewalls with IPS modules. This model is now changing.
As workloads in the corporate data center begin to migrate to the public cloud, the need to encrypt data in motion and at rest becomes foundational. In the public cloud, it is much harder to rely on the traditional approaches of wrapping select data with firewalls and IPS systems. At the same time, it is much easier to post a heap of sensitive data to an object store such as Amazon S3 and inadvertently leave it open to the unwashed Internet. Customer-controlled encryption is becoming a necessity for the enterprise hybrid cloud.
The data center of the future will be defined entirely in software. It will be dynamic and portable, spanning premise-based private clouds and hyperscale public clouds. It will provide businesses with the agility they need to respond to rapidly changing market conditions, as well as to innovate rapidly. A software-based encryption solution will be the foundation of this new data center architecture. The role and importance of such an encryption layer is only just beginning to be realized.
These issues and more will be discussed at the Telin Singapore 3rd Advisory Council Roundtable in November 2017.
This comes just months after Telin Singapore was awarded the Data Center Technical Breakthrough award at the inaugural Datacloud Asia Awards earlier this year. The award was given to the Telin-3 data centre, Singapore’s first and only UTI Tier-IV certified purpose-built data centre, meaning it guarantees the highest level of uptime and resilience.
Image: The Telin-3 Data Centre in Singapore
Operated on a carrier neutral basis, Telin-3 is a five-storey, multi-tier building offering multi-layer security, diverse multi-carrier connectivity and a Tier III (constructed facility) level of resilience to provide world-class bespoke, scalable and fully independent, dedicated data suites.
To learn more about the Telin-3 data centre and how it can help your company offer secure digital products and services across Southeast Asia, click here
This article was originally published on CIO Asia.Back