Multiple levels of security can be thought of in terms of probability theory. Say, for example, I want to protect my blog from a malicious attack. My first level of security is a complex password that only I know. However, this defense is not perfect, because brute force and other methods will eventually crack it. I place the probability of a hack at 0.2 because most criminal software times out before reaching this point.
I decide to improve my security by adding a security question: what is my favorite food? The answer is the one my brother hates most. I place the probability of someone guessing this at 0.3 because broccoli is notoriously unpopular. I multiply the two probabilities together to obtain the chance of both events occurring, which treats the two defenses as failing independently of each other. In this case the likelihood is (0.2 x 0.3) = 0.06, which is acceptably low for a personal blog application.
Probability theory, and the associated costs of a breach, can form the basis of all good security systems architectures, whether cyber or physical. A comprehensive IT strategy requires security of both kinds, because a data attack is not only a cyber-attack. It can also include a physical attack on hardware or, in a worst-case scenario, physically copying or stealing data, which is where your datacenter can come into play.
An important step in designing your security strategy is determining the likelihood of various attacks, and your tolerance for a breach along with the damage it would cause. These damages can be direct (monetary), but also indirect (brand perception).
Crimes of Opportunity and Determined Attacks
We need to distinguish between two types of crimes and prepare accordingly. Crimes of opportunity use fortuitous opportunities, such as walking into a convenience store and finding a point of sale unattended. By comparison, determined attacks are calculated attempts to worm a way through defenses.
How to Design a Data Center for Cyber Attacks
Many IT professionals neglect the benefits of a datacenter when designing their cyber security strategy. Compliance, network visibility and awareness, and policies more often fall to the application layers, which are often outside the scope of colocation, but the physical attributes of a facility often bring enhanced capabilities.
A large challenge for many corporate datacenters is the availability of fiber and connectivity. Most colocation facilities benefit from the hub and spoke model, providing dark fiber interconnection or cheap bandwidth for VPN connectivity/access with the many carriers available (often 10+ carriers), as opposed to having one or two options. Being able to blend different mixes reduces the chances of DDoS attacks, and opens up entirely new use cases for private access, such as full dark fiber interconnection that extends private networks to the end users where it may have been cost prohibitive before.
Another major benefit that colocation providers bring is their ecosystem. Datacenters transact and supply use cases and builds for hundreds of enterprises, and sit in the middle of conversations with many providers about security architecture. This usually leads to those operators being able to connect you with the latest and greatest in technology and use cases.
We endeavor to design to meet the following standards:
- Prevent unauthorized access to shared information in the system.
- Ensure that information in the system is only accessible to authorized users.
- Ensure that the system is available for authorized access.
The three principles above highlight that security assigned to users will protect their computers and the information stored on them, while at the same time making sure that authorized users can use secure platforms like the internet to access that information store.
Designing a data center that aligns information security and usability is a challenge for developers. This is because system programmers are fighting to make something usable in any environment, while developers look at functionality, performance, privacy, security, and usability. Aligning the physical infrastructure, such as carrier and fiber availability, along with the ecosystem, solves a valuable piece of that puzzle.
How to Protect a Data Center from Physical Intrusions
Defenses against Crimes of Opportunity
A physically unprotected building is wide open to attacks of all kinds. A secure data center uses layers of passive security that effectively eliminate the possibility of a casual intrusion. Consider this model of decreasing probabilities:
- An imposing structure that scares people away (0.6)
- Visible security cameras (0.5)
- A high fence and gate with strong grounds lighting (0.4)
- Warning signs that trespassers will be shot and/or prosecuted (0.2)
- Guards on active patrol (0.1)
- Fiber connectivity to a control room behind multiple layers of biometrics and access control doors (0.05)
The cumulative likelihood of someone penetrating all these defenses is hence (0.6 x 0.5 x 0.4 x 0.2 x 0.1 x 0.05) = 0.00012. Because of all this, it is highly unlikely that someone will do a hit and run on a data center. (Figures are illustrative only.)
Defenses Against Determined Physical Attacks
A determined intruder will seek a way to circumvent these concentric layers of physical protection. A trusted client, employee or technical service provider effectively bypasses all the above measures because the system expects to find them on the premises by prior arrangement.
This person has probably been considering the possibilities for a while. They are patient and prepared to take their time because the pickings can be extremely rich. Since they are likely to be friendly and approachable, the solution is rock-solid automated physical defenses in the data hall itself.
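The layered model above can be run for both kinds of attacker. The following is an added example, not part of the original article: it multiplies the article's illustrative perimeter figures, then shows how a trusted insider who bypasses every perimeter layer resets the product to 1.0 unless data-hall controls exist. The data-hall probabilities, the breach cost and all function names are assumptions made for illustration.

```python
from math import prod

# Per-layer bypass probabilities from the article's crimes-of-opportunity list.
PERIMETER = {
    "imposing structure": 0.6,
    "visible cameras": 0.5,
    "fence, gate, lighting": 0.4,
    "warning signs": 0.2,
    "guards on patrol": 0.1,
    "control room behind biometrics": 0.05,
}

# Constructed values (assumptions, not from the article) for data-hall controls
# that still face someone who is expected on the premises.
DATA_HALL = {
    "sectioned data hall": 0.5,
    "cage-level access control": 0.2,
    "biometric scan at cage": 0.1,
}


def breach_probability(layers, bypassed=()):
    """Chance of defeating every layer, assuming layers fail independently."""
    unknown = set(bypassed) - set(layers)
    if unknown:
        raise ValueError(f"unknown layers: {sorted(unknown)}")
    if any(not 0.0 <= p <= 1.0 for p in layers.values()):
        raise ValueError("layer probabilities must lie in [0, 1]")
    # A bypassed layer offers no resistance, so it contributes a factor of 1.0.
    return prod(1.0 if name in bypassed else p for name, p in layers.items())


def expected_loss(probability, breach_cost):
    """Probability-weighted cost of a breach."""
    return probability * breach_cost


def compare(breach_cost):
    """Map each attacker profile to (breach probability, expected loss)."""
    everything = {**PERIMETER, **DATA_HALL}
    cases = {
        "opportunist": breach_probability(PERIMETER),
        "insider, perimeter only": breach_probability(PERIMETER, bypassed=PERIMETER),
        "insider, with data hall": breach_probability(everything, bypassed=PERIMETER),
    }
    return {k: (p, expected_loss(p, breach_cost)) for k, p in cases.items()}
```

Calling `compare` with a breach cost returns one row per attacker profile; the gap between the two insider rows is the risk reduction attributable to the data-hall controls alone.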
Physical Security Measures
- Divide the data hall into separate sections
- Implement cage level security at each access point
- Replace entry codes and cards with biometric scanning
- Make sure the flow of information is on a private network such as dark fiber
- Consider advanced cage measures (overhead, subfloor, tamper resistant)
- Hard pipe conduit directly to MMRs for data cabling
Physical Data Protection
- Comply with the PCI standard to prevent access to client data
- Ensure backups are HIPAA compliant and fully redundant
- Audit all service providers to SSAE standards
Finally, avoid taking a blanket approach to all threats. Rationalize the most likely ones and think about how they might combine.
Why Security in the Absence of Usability Will Not Help
Creating a system with too much security, without thought for how the user will access or use it, is an exercise in futility. Security professionals need to find a way of making the business run by doing what it is supposed to do safely and securely. The goal is not to make the system impossible to use for the authorized user. A door that is hard to open is a door that is likely to be left open if it is too much of an inconvenience to the people who use it frequently.
Security settings should be in place to ensure that all applications can run securely from start to finish. You need to know how to trade off usability and security without one outrunning the other. Your budget allocation should be split between the two, with most funding going to aspects of the system that are a priority.
Final Thoughts: Designing a Data Center for Security and Usability
The aim is to achieve a design that is user-friendly and reflects the right attitude and behavior towards safety when thinking of security and usability in a data center. A security professional must be present throughout the process, and seek to protect the most valuable assets before or after security breaches.