Three Steps To Secure your Data Center
- January 12, 2010
Its Cloud Computing which bought server-oriented, virtualization and new Internet applications. With Cloud Computing Data Center Services are now more active with flexible boundaries. However this change towards Cloud Computing also added new levels of intricacies. IT managers now have to work more hard in order to secure equipment in Data Center so that precious data of the customers will be safe from spiteful attacks.
Organizations are now asked to check all the operations in a Data Center are working correctly, also all the equipments are secure. Not just the equipments and applications but technologies, people and policies should also be kept under the eye of organization which are required to keep the Data Center active and functioning.
Based on the expert views there are few points or steps which if followed can secure your data center against all the malicious attacks and also make it more active then ever. Here are the steps:
Set Up a Secure Zone for Network
Once the physical security level is installed the real hard work of securing network starts. Securing network systems begins with development area followed by test subnet which is separated from the traffic of the development area. Production which is the third area is considered as the most boring area and most of the efforts and time of system administrators is wasted in this area.
Since this zone works on approved production equipments administrators are asked to imply new systems to control production network. Administrators can organize virtual or physical systems to the sub-networks which are attached to the virtual area network. Other than that strict rules related to outgoing and incoming traffic are also deployed.
Before applying rules managers of Data Center should find out the different requirements of the different business which are handled by sub-networks. For example traffic related with production should be restricted to irrelevant websites and other services like e-mail should use ports with outgoing links.
Wireless access points should be avoided in Data Center because even with two factor authentication and wide working radius they are difficult to control. In the security of Data Center there are three steps to be followed, first one is operational framework is ensures global information grid is available which should have integrity and protection. Technical protection is second and third and last is certification and accreditation of applications to be used in data center.
Physical Access should be Secure
Each layer and system in your data center is important, secure access to every room of your Data center. It is seen that commonly data center managers start with other complex tasks like controlling access to systems and mostly forget the physical security measures and concentrate on network side. In a perfect security systems, measures should be taken at every point of the Data Center.
Physical security for a Data Center includes ID cards, fenced campus, bio-metrics system and video surveillance, specially for the outer entrances of the Data Center. Inner Layers doesn’t need all security measures mentioned above and two important security measures should be taken care of are video surveillance and biometrics. One more important type of access to the inner parts of the Data Center is proper locking on the server. This is done to avoid any accidental error which can be caused by any wrong person working on the servers.
Organize Communication among security devices in Data Center
Cloud Computing and Colocation Hosting Services has changed nearly every style of working in web world, security is also included. Most important thing in cloud computing is securing the data that is flowing between client systems, virtual machines within the data center and also between two data centers. In order to secure everything something more than port protocols is required like application identification technology.
Application identification technology apply signatures which helps in determining which application is peer to peer program or a shareware program. Application denial of service attacks should also be included in your security measures. Traditionally denial of service of attacks was programmed to fight of attack by using the “black hole” technique.
Drawback of this technique was that administrators have to remove all the traffic from the server that is under attack. Nowadays there are other solutions available which helps in determining which traffic is legal and which is illegal.