Feeling Secure About Protecting Your Data Center from Cyber Attacks?
April 27, 2021
2020 was a unique year, as we all know. It brought new adversity to global businesses and many had to quickly adjust and adapt by moving to remote and distributed workforces. What 2020 also revealed was a unique opportunity for cyberattackers to hit the open range, with documented increases in malware and phishing attacks, ransomware and unauthorized server access.
More than ever before, and at a time when cybercriminal activity is expected to be one of the biggest challenges businesses face over the next two decades, data centers must level up their layers of security to protect business-critical and customer data, particularly during times when remote work becomes more prevalent.
Fortunately, data centers can implement effective solutions that can help to minimize risks and prevent cybersecurity incidents.
Six Basic Considerations When Building an Access Control System
Monitor and Restrict Access
To effectively prevent cybersecurity incidents, implement and enforce access restrictions. This best practice applies not only to cyber efforts, but also to physical assets, including at the rack or cabinet level. This will help to minimize unnecessary risk and reduce the chance of a breach. According to Verizon’s 2020 Data Breach Investigations Report, 30% of breaches were caused by insiders. Begin by reviewing permissions for each user that has access to the network. Do they really need full access? What level of access should they have?
Implement Physical Security
A successful cybersecurity strategy must include measures for physical security and access control of IT equipment. After you've reviewed permissions, take a look at how you're going to protect what's in your data center rack or cabinet. Are you taking a keyed-lock approach? Are you enhancing your security at the rack or cabinet level by upgrading to networked electronic access control? In either case, it will be up to you to decide which specific technology to use. Physical access control at the rack or cabinet level will help to simplify management and prevent unauthorized users from accessing the servers and switches in which data is stored.
Key and Rights Management
When keyed locks are used to secure equipment cabinets, companies must have a strong and completely effective key management program. Typically, all cabinets are keyed alike. It is possible to use combination locks, or have groups of cabinets keyed differently to limit access, but this requires a strong system for documenting assigned combinations.
Logging Reports and Auditing
Documenting a person's presence in the building, preferably in a controlled front-of-building area, ensures you have a record of who was active in your facility and when. But this is a manual process and will require resources to provide witness and documentation, filing and long-term capture of individual access.
When a data breach occurs, immediate event response is critical. With a keyed lock system, IT teams must manually check the condition of doors and locks. If a key is lost or stolen, they must rekey the lock. Again, this is a manual process that relies upon resources and reliable documentation of not only user permissions, but also follow-up and a protocol that documents the outcome of this manual process. Then, when rekeying occurs, a review of permissions and new keys distributed... you get the point. It's a painstaking process that allows room for human error.
Jurisdiction: IT or Facilities Management?
When it comes to data center cabinets and systems, security is most often controlled by IT, given that it is the IT department that oversees data protection and controls the applications that reside in the equipment. On the flip side, building management system platforms are deployed to enforce security of the facility and are owned by facilities management.
To prevent cybersecurity attacks or incidents, it’s most prudent for both IT managers and facility management (those typically versed in operational technology, or OT) to better understand the responsibilities and functions of each other’s team as they come together to achieve security goals.
The Benefit of Networked Electronic Access Control
So, you've taken the above into account. And perhaps you'd like to move away from a keyed-lock approach. There are major security benefits and significant savings that you can capture by using networked electronic access control at the rack or cabinet-level.
Consider Chatsworth Products' (CPI) eConnect® RFID Electronic Lock Kit as the first line of defense for cybersecurity policies and data protection, providing audit capabilities and detailed reports of who accessed the cabinet and when. A Security System Integration Kit for Wiegand-based security panels is also available.
Why Choose eConnect RFID Electronic Lock Kits from CPI?
Traditional cabinet-based networked locking solutions are expensive and can be challenging to deploy and use. The eConnect RFID Electronic Lock Kit solution is an economical, effective and easy-to-use networked locking solution for data center cabinets that works with CPI’s eConnect Power Distribution Units (PDUs).
This integrated solution enables remote programming, monitoring and control of every cabinet—limiting physical access to information systems and equipment—and preventing data and identity theft.
Benefits of eConnect RFID Electronic Lock Kits:
- Integrates cabinet- and device-level power management, environmental monitoring and access control, removing the need to power and network the locks separately
- Provides a completely integrated, easy-to-use and deploy networked solution at a savings of 50% or higher over traditional solutions
- Works with most employee badges to easily manage access rights, automates monitoring, documenting and control of access, and allows fast reprogramming if access rights change or if a credential is lost or stolen; no hardware modification is required
- Extends monitoring to the cabinet- and device-level for more granular reporting and better decision making
- A built-in audit trail helps ensure regulatory compliance and meets requirements, such as FISMA, HIPAA, Saas SOC 2® and more
- Ability to use the permissions set within a RADIUS server to provide higher levels of security
- In the event of a breach, event response is simplified and shortened, and in some cases, automated.
Bonus! Achieve Additional Savings from eConnect Secure Array® IP Consolidation
CPI’s eConnect RFID Electronic Lock Kit works with eConnect PDUs to provide integrated power management and cabinet access control using a single network connection, one user interface and one user database, which provides additional deployment savings. You can link up to 32 PDUs, 32 locks and 64 environmental monitoring sensors using one IP address.
There are many layers of security needed to protect your facility from cyber attacks, but it's possible to minimize risks.
To learn more about RFID Electronic Lock Kits, visit www.chatsworth.com/power.
And it's timely to mention that we'll be at the Interop Digital event on April 29, where we'll cover the topic of cybersecurity. If you're going to be virtually attending, be sure to virtually visit us. Haven't yet registered? Register now.
Posted by Brittany Mangan, Digital Content Specialist at 4/27/2021 11:35:08 AM