Felix Rosbach, Product Manager at comforte AG, discusses how data centre owners can best ensure cyber-resilience.
With an ever-increasing attack surface, security is a constant struggle for data centres. While IoT enables us to analyse data like never before, every device represents a potential attack vector.
Aside from DDoS attacks and other methods of sabotage, the most painful cyberattacks are the ones involving theft of sensitive data. Stolen data is not only problematic in terms of reputation and losing IP; in the age of GDPR it can also result in very hefty fines.
There are two main problems:
First is malicious software: this is a battle that is extremely hard to win, especially with the digital workplace and smart devices connected to your data centre.
Second are backdoors: the bad guys always seem to find a way to get in somehow.
Sometimes systems aren’t patched, or it’s simply impossible to patch a legacy system because there are dependencies on older software versions you would never have even thought of. Sometimes the OS is so dated that it no longer has active support and security patches simply don’t exist anymore.
For example, with backdoors on systems that are facing the Internet, attackers are able to launch web attacks like SQL injection, cross-site scripting or cross-site request forgery to gain access to sensitive data.
You can do a lot to protect your network with classic perimeter defence.
Firewalls, intrusion detection systems, patching unpatched systems, identifying servers that are listening on unwanted service ports – these things are still important. The days of ‘never touch a running system’ are way over – now it’s ‘you’d better touch a running system.’
But even if you buy every security solution possible, you will never be 100% secure. These solutions only protect you against known attack methods. And the more connections you have and the more complex your network is, the less effective it is to build a wall around it. Moving to the cloud, connecting to IoT and having digital workplaces in your enterprise only complicate the situation.
The way forward is to implement sophisticated identity and access management in combination with data-centric security.
With that combination you make sure that only the right people get access and, if somehow the wrong people still manage to gain access, they can’t use the data.