Last year was the worst year on record for data breaches. 2019 saw an increase of 33% from the year before for an alarming total of 5,183 separate data breaches that left 7.9 billion records exposed. CNET even rounded up a “2019 Data Breach Hall of Shame.”
Why Data Centers Must Focus on Physical Layer 1 Security?
August 5, 2020Last year was the worst year on record for data breaches. 2019 saw an increase of 33% from the year before for an alarming total of 5,183 separate data breaches that left 7.9 billion records exposed. CNET even rounded up a “2019 Data Breach Hall of Shame.”
No company wants to be the next Equifax. Or the next Marriott, who in January 2019 announced that the records of 383 million guests – including some passport numbers and credit card information – had been hacked.
With over 175 zettabytes of data expected by 2025, enterprise data centers are one of the largest and fastest growing markets in the world. In the wake of these embarrassing catastrophes, enterprise level companies with data centers have rushed to try and find the latest cyber security technologies promising protection.
But one of the most important aspects of security remains overlooked: the physical layer of these data centers (Layer 1). The actual fiber optic cables transmit this data, making it possible for millions to make financial transactions and surf the net, are not safeguarded properly in the majority of data centers.
In order to regain and keep the trust of their customers, companies are going to have to address their Layer 1 security. Read on to learn how enterprise data centers can secure their physical layers and why it’s imperative that they do so.
Current Industry Best Practices for Securing Data Centers Layer 1
Current data center physical security standards are not stringent enough.
Data centers today focus on digital forms of prevention, surveillance, and fortification. They routinely use encryption and firewalls as their primary forms of data protection. They may additionally require the use of virtualized private networks and personnel training on common digital scams.
Digital intrusion and detection systems include monitoring the number of service requests, the number of users with elevated rights accessing the system, the movement or extraction of large datasets, and an increase in phishing attempts.
To address the physical layer, most enterprise data centers employ small armies of technicians, security guards, CCTV cameras, gates, and biometric readers. Some also run regular audits to determine weaknesses.
The problem is, the current industry standards for protecting the physical layer are often a) an afterthought and b) not enough to prevent service interruption and malicious attacks.
Why is the Physical Layer So Important?
Your data’s level of encryption means nothing if your entire network can be downed because of damage to the network’s critical physical infrastructure.
The overwhelming task of connectivity is threatened by a single bump, intrusion, or cut of a cable, regardless of the firewalls and encryption equipped to protect the actual digital data.
Data can also be stolen with encryption. What’s worse, if insufficient surveillance allows a bad actor to steal your data without your knowledge, they’ll have as much time as they need to crack your encryption.
The Data Center’s Achilles Heel
Besides the fact that the heavy manpower required to manually surveil physical infrastructure traditionally results in large operational costs, Layer 1 security cannot be achieved simply through personnel and cameras and the current data center security guidelines.
An estimated 75% of all network cabling is located in publicly accessible areas. That means someone could walk right up to a fiber optic or copper cable with a relatively unsophisticated data tapping device and breach your entire operation. Current industry standards ignore basic entry points such as manholes, which could allow unauthorized personnel to access a data center’s fiber optic cable network.
Alternatively, unprotected cables leave you exposed to service outages during any natural disaster, new fiber installations, nearby construction, as well as malicious attacks.
A data center’s most important aspects in regards to proper physical security protocol are its uptime and response time. An unmonitored physical layer makes the 99.99% minimum up time requirement an almost impossible feat, while response time depends on when personnel realizes something’s gone wrong.
Every data center is vulnerable not only to outside actors, but to internal employees as well.
Put more simply, a data center’s staff can also be a liability. We’ve seen staff refuse to go into certain data center areas for fear of losing their jobs if something goes wrong there. No matter how well trained the personnel, audits and inspection forms are also subject to human error. And these are problems only for data centers that have the means to be properly staffed in order to perform all the necessary inspections!
Keeping the necessary personnel to constantly keep an eye on a data center’s physical layer manually is both a financial and operational challenge, especially because many data centers are built in remote locations where hiring is difficult.
How to Solve the Layer 1 Problem
The only way to provide true security to your data center is to combine cyber and physical security. When you can centrally manage surveillance, detection, and response, your customers’ data is secure.
Unified cyber-physical protection™, or UCP, secures critical infrastructure from physical attacks by addressing the major cyber-physical vulnerabilities specific to enterprise data center environments.
UCP as exemplified by our CyberSecure IPS™ solution is a combination of best of breed hardware and software components that provide continuous surveillance and automatic inspections to cut down costs over time and eliminate errors. It is fully compliant with NIST data center physical security requirements.
Designed for extra sensitive detection, CyberSecure IPS™ provides real-time data from state-of-the-art sensors in order to monitor, identify and prevent major outages due to physical disruption or tampering for both Inside and Outside Plant environments. IPS is sophisticated enough to discern false alarms and provide real-time analysis of the severity of any intrusion through a real-time dashboard that’s remotely accessible.
Originally created for the U.S. Department of Defense, we’ve continued to develop our suite of solutions for the commercial market, bringing the enterprise data center a level of security that meets the requirements of the most defense-conscious industries.
Don’t Wait Any Longer To Secure Your Physical Layer
The dormant threat of unprotected physical layers at data centers around the world is terrifying. Data center security threats increase every year, and are only made more dire by the rising popularity of the Internet of Things (IoT). As IoT devices become ubiquitous, the number of threats and attacks against them will only continue to increase. By ensuring the physical Layer 1 security of your data center, you can rest assured that your client’s sensitive data and your enterprise’s reputation will remain safe.