Datacenter security risks arise on a physical, human, and digital level. The Uptime Institute has analyzed possible threat scenarios and shows the resulting tasks and solutions. Operators routinely secure their data centers with comprehensive access control measures against physical intrusion from outside.
But cloud computing and the growing use of remote monitoring enlarge the attack surface of many data centers. In addition to new digital vulnerabilities, human risk factors also contribute. It is therefore important to record all potential security risks in an individual threat model, protect oneself accordingly, and continuously check the associated security protocols and processes.
Security Risks: Human Risk Factor
Many of the incidents in data centers can be traced back to human error. Even if it is impossible to eradicate such human risks, they can be minimized through training, tools, and processes. Datacenter operators should keep an eye on the following risks and possible solutions:
- Deliberate internal threats can arise from authorized employees, suppliers, or visitors who act maliciously and want to cause damage. Most operators therefore carry out background checks, assign different access levels, provide security escorts for visitors, and reduce the possibilities for tailgating (someone follows an authorized person through a door).
- Weak authentication, such as single-source identification, allows access cards to be passed on and shared. Even if some ID cards have copy protection, they can still be cloned with special devices. Multi-factor authentication, for example, can make access to security-critical areas much more difficult for attackers.
- Social engineering means manipulating authorized persons so that they reveal sensitive information. Even simple manipulation of people by phone and email or publicly available data can be very effective. Automated security systems can help identify anomalies in communication, such as email phishing campaigns against employees and visitors.
- Spying on routine communication: Hackers monitor the routine communications of employees to collect digital traces and use them for attacks, sometimes combined with social engineering. Cybersecurity and training tools against social engineering can be used here for prevention. In addition, open-source intelligence (OSINT) software can automatically scan the Internet for keywords specifically mentioned in a terrorist context.
Digital Security Risks
Data centers are increasingly being automated, monitored, and managed with Data Center Infrastructure Management (DCIM) systems. This is where risks arise that must be systematically addressed:
- Security gaps through remote access: At least 90 percent of all uninterruptible power supply systems (UPS) over 50 kVA have IP addresses and can be remotely controlled using the SNMP standard protocol. Many power distribution units (PDUs) are IP addressable, as are many other devices and device types. Infrastructure device manufacturers use security measures such as passwords, but these are sometimes inadequate, and often the default codes are never changed.
- Security risks from legacy devices: Legacy devices and technologies, particularly for power supply, cooling, etc., which have been in service for a long time, can be unprotected online. In older control systems, the security built in as standard is outdated and was not developed with cybersecurity in mind.
- New hacking tools and biometric gaps: Hacking tools and techniques also evolve and sometimes bypass credentials. Datacenter operators who rely on biometrics should not blindly trust providers' claims that the storage of credentials, and the linking of biometric information and access rights, are unassailable.
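The remote-access and legacy-device risks above can be checked against an operator's own asset inventory. The following is an added example, not part of the original article: it audits a constructed inventory of facility devices for cleartext SNMP versions, factory-default community strings, community-protected write access, and addresses outside the management network. The column names, the sample devices, and the management subnet are assumptions.

```python
import csv
import io
import ipaddress

# Constructed sample inventory (not real devices); the columns are assumptions.
SAMPLE_INVENTORY = """name,type,ip,snmp_version,community,write_enabled
ups-a1,UPS,10.20.0.11,v2c,public,yes
pdu-r07,PDU,10.20.0.42,v3,,no
crah-03,cooling,192.168.5.9,v1,private,yes
ups-b2,UPS,10.20.0.12,v2c,Xk9-site-ro,no
"""

# Assumed dedicated management network for facility equipment.
MGMT_NET = ipaddress.ip_network("10.20.0.0/24")
# Widely known factory-default SNMP community strings.
DEFAULT_COMMUNITIES = {"public", "private"}


def audit_device(row, mgmt_net=MGMT_NET):
    """Return a list of finding labels for one inventory row."""
    findings = []
    version = row["snmp_version"].strip().lower()
    community = row["community"].strip().lower()
    if version in ("v1", "v2c"):
        # v1/v2c send the community string in cleartext, with no per-user auth.
        findings.append("snmp-cleartext-version")
        if community in DEFAULT_COMMUNITIES:
            findings.append("default-community")
        if row["write_enabled"].strip().lower() == "yes":
            # Remote control is guarded only by the community string.
            findings.append("write-access-via-community")
    if ipaddress.ip_address(row["ip"].strip()) not in mgmt_net:
        findings.append("outside-management-network")
    return findings


def audit_inventory(text, mgmt_net=MGMT_NET):
    """Map device name -> findings, for devices with at least one finding."""
    report = {}
    for row in csv.DictReader(io.StringIO(text)):
        findings = audit_device(row, mgmt_net)
        if findings:
            report[row["name"]] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit_inventory(SAMPLE_INVENTORY).items():
        print(f"{name}: {', '.join(findings)}")
```

Devices that report several findings at once, such as a legacy cooling controller with a default community string and write access, are the ones to prioritize in the threat model.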
Systematically Record Risks With Threat Models
To identify weak points in data center security and to set priorities, a systematic risk analysis that records the multi-layered threats is required. The first step is to create an individual threat model using a structured process.
On this basis, effective countermeasures can be taken to create security on all levels in data centers – physical, human and digital.