Security is an important strategy that must be planned and implemented across all infrastructure layers to secure the IT infrastructure and the information stored in both traditional and cloud datacenters. Efficient security methods and processes have to be implemented to prevent unauthorized access to company assets and to protect the integrity and confidentiality of sensitive information from unknown users.
In the previous posts, we learned the basics and fundamentals of virtualization and of compute, network and storage. In this post we will learn the security fundamentals and the various security technologies and techniques that can be used to secure the compute, network and storage components of a datacenter.
- Introduction to Security
- Security Considerations and Countermeasures
- Compute Servers (VMs) Security Overview
- Network Security Overview
- Storage Security Overview
- Introduction to Encryption
- Identity and Access (IAM) Security Overview
Security Considerations and Countermeasures
A cloud provider, or an organization that maintains its own datacenter, should put countermeasures in place: an action, a device, a procedure or a technique that reduces the security threats caused by vulnerabilities, either by eliminating them or by preventing them. Corrective and preventive actions should be implemented to minimize the harm caused by an attack. Below are some of the key security considerations and countermeasures that can be implemented in a datacenter to secure the IT systems and the information stored in them.
Security by Design
- Principle of least privilege – Only grant each part of the system the access that is needed for its function.
- Perform code reviews at regular intervals
- Unit Testing
- Plan for Defense in Depth
- Design infrastructure to fail secure
- Record audit trails and store the logs securely
- Disclose vulnerabilities to the security and operations teams so that they can take appropriate action.
Security architecture is the set of design artifacts that describe how the security controls or countermeasures relate to and are incorporated into the IT architecture. These security controls maintain the system's integrity, availability, confidentiality, accountability and assurance services. Some of the important security controls are the NIST controls and the CIS hardening controls.
Adequate security measures and processes, such as threat prevention, detection and response processes, have to be implemented to obtain the required security levels. Some of these security measures are:
- User account access controls
- Access Control Lists (ACLs)
- Intrusion Detection System (IDS)
- It is the process of identifying and mitigating the vulnerabilities that are found in networks, software and firmware.
- Tools are available to regularly scan for vulnerabilities; they analyze a system for vulnerabilities that are publicly known on the internet.
- Third-party security organizations can also run regular penetration tests against the systems to identify vulnerabilities.
- Identified vulnerabilities have to be remediated or mitigated by implementing additional security policies or processes, based on the criticality of the vulnerabilities.
Hardware Protection Mechanisms
Hardware in the datacenter or in office locations has to be secured. Hardware-based or hardware-assisted computer security also provides additional security on top of software security. Below are some of the hardware security measures that can be implemented:
- Disabling the usage of USB dongles or pen drives
- Firmware upgrades and patches
- Using Trusted Platform Modules (TPMs)
- Implementing a computer case intrusion detection system to generate alerts
- Drive locks to prevent unauthorized physical access to the drives
- Disabling peripheral devices that are not in use, such as security cameras, GPS and removable storage.
- Enabling biometric validation and multi-factor authentication on mobile phones to connect to access control systems, etc.
See: Hardware Components in the Datacenter
Regular Security Training for Employees
- Employees are widely considered the weakest link from a security perspective, and it is estimated that more than 90% of security incidents and breaches are caused by human error.
- Some common human errors are poor password management, failing to recognize misleading URLs, fake websites and dangerous email attachments, and saving the user IDs and passwords of bank websites.
- These threats pose a high risk for the company as well as for the employees personally, and they can be mitigated by multi-factor authentication.
Organizations need to conduct security awareness training at regular intervals to prevent these potential security threats and to comply with regulatory and industry mandates.