Today, it’s more important than ever to secure your critical infrastructure. You just have to look at some of the large cyberattacks that occurred this year to understand why.
- JBS paid an $11 million ransom to cybercriminals who temporarily knocked out plants that process roughly one-fifth of the US’s meat supply.
- Colonial Pipeline paid $4.4 million worth of Bitcoin to a criminal hacking group that forced the company to take systems offline and disable the pipeline. It was the largest ever cyberattack on an American energy system.
- A cyberattack aimed at Australian broadcaster Channel Nine rendered them unable to air several shows, disrupted their internet access, and brought down several of their publishing tools.
- The London-based Harris Federation suffered a ransomware attack that forced them to disable the devices and email systems of all 50 academies it manages. 37,000 students were unable to access their coursework and correspondence.
- A cybercriminal attempted to poison the water supply in Florida and managed to increase the amount of sodium hydroxide from 100 parts per million to a potentially dangerous 11,100 parts per million.
In 2020, 80.7% of organizations suffered at least one successful cyberattack, and 35.2% suffered six or more. You must follow best practices to avoid being one of these victims.
Best Practices to Improve Cybersecurity
- Use the right protocols, certificates, and encryption. Know the differences between common protocols and certificates to keep your infrastructure secure. For example, SSH encrypts traffic in both directions, which helps you prevent trafficking, sniffing, and password theft better than Telnet. Instead of HTTP, use HTTPS, which uses SSL or TLS to encrypt the information exchanged between a server and a client. And finally, SNMP v3 provides a more secure environment for managing systems and networks than SNMP v1 and v2.
- Consider your default password policies. A strong password policy is your first line of defense against attackers. Follow best practices like encouraging users to choose long passwords or passphrases, asking employees to create new passwords in the case of a potential threat or suspected unauthorized access, enforcing a password history policy with at least 10 previous passwords remembered, and resetting service account passwords once a year. Passwords should not be easy to guess, a string of numbers or letters, or a user’s name, birth date, or other easily obtained information. Enforce strong authentication mechanisms using integrated Active Directory or SAML 2.0 authentication services. Active Directory is useful for authentication, group and user management, and policy administration, while SAML 2.0 enables a single sign-on experience and allows users to use one set of credentials (password, two-factor authentication, etc.) to log into multiple tools.
- Consider hardware upgrades if current hardware does not meet security requirements and standards. In that case, you may need to complete a refresh. Consider hardware like intelligent rack PDUs from a vendor that provides regular firmware updates. When buying new equipment, consider how it fits into your security infrastructure (e.g., is it compatible, will it cause significant disruptions to integrate into the network). If you anticipate issues, determine how you would overcome them without exposing your network before implementation.
- Have a centralized way to keep all infrastructure updated and secure. Deploy data center management software to reduce data center security risks and comply with security regulations while still ensuring that technicians have the access they need. Data Center Infrastructure Management (DCIM) software centralizes data center security management to give you peace of mind.
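The protocol guidance in the first bullet above can be checked against a device inventory. The following is an added example, not code from the original article or from any DCIM product; the inventory, device names and field names are constructed for illustration. It also checks the SNMPv3 security level, because SNMPv3 configured as noAuthNoPriv provides neither authentication nor encryption.

```python
# Constructed sample inventory: device names and field names are hypothetical.
INVENTORY = [
    {"name": "pdu-a01", "telnet": True, "ssh": True, "http": True, "https": True,
     "snmp_versions": ["v1", "v2c"], "snmpv3_level": None},
    {"name": "pdu-a02", "telnet": False, "ssh": True, "http": False, "https": True,
     "snmp_versions": ["v3"], "snmpv3_level": "noAuthNoPriv"},
    {"name": "pdu-b01", "telnet": False, "ssh": True, "http": False, "https": True,
     "snmp_versions": ["v3"], "snmpv3_level": "authPriv"},
]


def audit_device(dev):
    """Return findings for one device's management-plane settings."""
    findings = []
    if dev.get("telnet"):
        findings.append("telnet enabled: logins are sent in cleartext, use SSH only")
    if dev.get("http"):
        findings.append("http enabled: web sessions are unencrypted, use HTTPS only")
    versions = set(dev.get("snmp_versions", []))
    legacy = sorted(versions & {"v1", "v2c"})
    if legacy:
        findings.append("SNMP " + "/".join(legacy) +
                        " enabled: community strings are sent in cleartext")
    # SNMPv3 defines three security levels; only authPriv both
    # authenticates and encrypts the management traffic.
    if "v3" in versions and dev.get("snmpv3_level") != "authPriv":
        findings.append("SNMP v3 level is %s: require authPriv"
                        % dev.get("snmpv3_level"))
    return findings


def audit_inventory(inventory):
    """Map device name -> findings, omitting devices with none."""
    report = {}
    for dev in inventory:
        findings = audit_device(dev)
        if findings:
            report[dev["name"]] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY).items():
        for finding in findings:
            print(name + ": " + finding)
```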
Improve Cybersecurity with Centralized Firmware Updates
Firmware is an essential part of data center operations and needs to be on a solid maintenance schedule. The firmware of your power infrastructure has a direct impact on security, reliability, efficiency, and performance. Without routine maintenance, the benefits are lost.
You may receive hardware from the manufacturer with the latest firmware, but over the product lifecycle, the firmware will be updated to fix security vulnerabilities. Over time, data centers end up with a variety of different firmware versions across all instances of the same piece of equipment. Disparate firmware versions across your physical infrastructure can be hard to detect, but they leave you open to security threats.
Maintaining the most recent firmware version for all devices mitigates security risk, but many data center managers either miss firmware updates or don’t have the time to update all their devices. Plus, the process can be time-consuming and inefficient when done manually.
However, a comprehensive, second-generation DCIM solution will enable you to roll out firmware updates in bulk to supported intelligent rack PDUs. Bulk firmware updates are a simple yet effective data center security best practice that can help reduce the likelihood of a cyberattack.
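The firmware drift described in this section can be detected from an inventory export before a bulk update is scheduled. The following is an added example, not code from the original article or from any DCIM product; the device names, model names, version numbers and the approved-version table are constructed, and the approved versions are assumed to come from the operator's own review of vendor releases.

```python
from collections import defaultdict

# Constructed data: model names, versions and device names are hypothetical.
APPROVED = {"PDU-X24": "3.6.10", "PDU-Z48": "2.1.0"}
DEVICES = [
    ("rack01-pdu-a", "PDU-X24", "3.6.10"),
    ("rack01-pdu-b", "PDU-X24", "3.6.2"),
    ("rack02-pdu-a", "PDU-X24", "3.5.0"),
    ("rack03-pdu-a", "PDU-Z48", "2.1.0"),
    ("rack04-pdu-a", "PDU-Q12", "1.0.3"),
]


def parse_version(text):
    """Turn '3.6.10' into (3, 6, 10) so versions compare numerically.

    Comparing the raw strings would rank '3.6.2' above '3.6.10' and
    hide an outdated device.
    """
    return tuple(int(part) for part in text.split("."))


def firmware_drift(devices, approved):
    """Report outdated devices, models with no baseline, and mixed fleets."""
    versions_seen = defaultdict(set)
    outdated, no_baseline = [], []
    for name, model, version in devices:
        versions_seen[model].add(version)
        target = approved.get(model)
        if target is None:
            # No approved version recorded: the device cannot be assessed.
            no_baseline.append(name)
        elif parse_version(version) < parse_version(target):
            outdated.append((name, version, target))
    mixed = sorted(m for m, seen in versions_seen.items() if len(seen) > 1)
    return {"outdated": outdated, "no_baseline": no_baseline,
            "mixed_models": mixed}


if __name__ == "__main__":
    result = firmware_drift(DEVICES, APPROVED)
    for name, version, target in result["outdated"]:
        print("%s runs %s, approved is %s" % (name, version, target))
    print("no approved baseline:", result["no_baseline"])
    print("models with mixed firmware:", result["mixed_models"])
```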
More Ways DCIM Software Improves Cybersecurity
The biggest threats to data center security are the data center employees. 60% of organizations report experiencing at least one insider attack in the past 12 months. Leading experts deploy DCIM software to protect their physical infrastructure via:
- Bulk device configuration updates. Intelligent PDUs and other internet-enabled devices help simplify data center management, but since they are connected to the network, they may be vulnerable to attackers. DCIM software allows you to make bulk configuration changes like SNMP settings, authentication, and administrator credentials.
- Electronic door lock access control. DCIM software helps you track when there are attempts to open cabinet doors, by whom, and if the attempt was successful. You no longer have to keep track of keys or cards, can save time, and can meet compliance requirements.
- Video surveillance. DCIM software supports feeds from IP and USB cameras, and multiple feeds can be added to a dashboard so you can easily monitor multiple areas or sites remotely.
- Role-based permissions. Granular, role-based permissions allow you to prevent unauthorized changes from personnel. DCIM software also integrates with existing LDAP systems and Active Directory for an extra level of authentication.
- Alerts, audits, and reports. Instantly know when cabinet doors are open so you can identify unauthorized personnel in your data center. This information is also captured in an audit log and security reports to help with forensic analysis in case of a security breach. Reporting helps you spot trends around access to different areas of your site so you can pinpoint and investigate suspicious activity.
The goal of data center security management is to allow authorized users in while keeping intruders out, both physically and from cyberattacks. By following best practices, leveraging DCIM software, and maintaining the most recent firmware versions for your hardware, you will safeguard your data center against intrusions.