As more businesses move to securely drive their cloud strategy, safeguard corporate data and effectively capture value from the cloud, trends in IT security, risk management and perimeter protection that help minimise the risk of downtime, information theft and data loss in the data centre need to be explored.
Data centre security was put in the spotlight at the Security 2012 Exhibition. Cloud computing, if not properly secured, can result in the loss of direct control over systems for which they are nonetheless accountable, attendees were warned.
It was noted at the exhibition that strong authentication and access controls are paramount to govern who has access to information and can alter it, and that businesses should also make sure that data is being encrypted and data integrity protected. In addition, implementing strong key generation, storage and management, and destruction practices, and leveraging strong two-factor authentication, can help alleviate cloud risks, attendees were informed.
Attendees were also warned that data centres themselves – as the physical ‘home of the cloud’ – present a further vulnerability that needs be addressed as part of a comprehensive risk assessment.
The exhibition advocated the use of access control and intrusion prevention technologies to secure data centre facilities. This includes the use of:
- a dense network of security cameras to provides CCTV (closed circuit television) coverage that allows security staff to monitor the premises 24/7
- high-tech security gates and mantraps, and
- biometrics to ensure that only authorised personnel have access to the server infrastructure.
“As a rule of thumb, businesses should conduct a comprehensive supplier assessment when choosing an external cloud service provider, and insist on transparency into overall information security and management practices, as well as compliance reporting. Together with the right IT and perimeter security solutions, a sound approach to risk management is the best strategy to fend off threats of data loss and theft in the data centre,” concludes Brett Judd, exhibition director of Security 2012 Exhibition.