Data is currency to hackers. “For a hacker, there’s no difference between a stack of $50 bills and a bunch of unguarded PHI (personal health information) or credit card numbers,” says Phil Jefferson, an independent cybersecurity consultant in Fort Worth, adding that “most hackers would rather have the PHI than the stack of money.”
Yet, while you wouldn’t leave a pile of money on a table out in the open for anyone to access, many companies still do this with data. As such, MSPs need to take their role as guardians of data very seriously as what target could be more tempting for a hacker? A data center may as well be called a “cash center” because, for hackers, a successful breach of a data center is like a successful heist of a bank.
Strategizing to keep the data center safe
The National Cybersecurity Centre in the United Kingdom released new guidance last week for keeping data centers safe. A successful intrusion by a hacker causes a loss in direct-driven revenue, which leads to businesses facing potential regulatory violations, loss of productivity, and downtime. Advising a “holistic” approach to data center cybersecurity, they recommend:
“By bringing together the physical, personnel and cyber security of data centres into a singular strategy, you can better withstand the diversified methods state threat actors, cybercriminals, and others may use to attack them.”
This is an approach that Jefferson and other experts agree with.
“MSPs need to treat data centers like they are Fort Knox or a bank. You shouldn’t just have a single security solution for a bank…you need cameras, teller training, changes to layout and floorplan, and so on,” Jefferson advises. “MSPs need to apply the same logic to data centers.”
Also, an increasing number of MSPs have their own data centers. “MSPs that have their own data centers need to guard those just as vigorously as they do their clients. Nothing undermines an organization’s confidence in their MSPs than to have the MSP be a victim of a breach,” Jefferson emphasizes.
Building in resilience
The National Cybersecurity Centre report also emphasizes the need for resilience. If an attack occurs, there must be a way to mitigate the damage. Jefferson advocates using the “CIM Strategy” which is to “contain, isolate, and then mitigate” breaches. One way to limit damage from a breach, for example, is to have multiple avenues into the data center that are not connected. So, if a hacker gets in one way, IT specialists can still get in another.
A few specific questions from the National Cybersecurity Centre that MSPs should consider for their data center clients include:
- Do you have a resilient and diversified supply chain, including services, hardware, and software, which can withstand disruption and minimise bottleneck effects?
- Are the building service rooms critical to the functioning of the data centre, e.g., electrical, battery and mechanical rooms, backup generators etc., protected from physical attack and sabotage?
- In the event of a physical or cyber incident, you have sufficient people-power, e.g., adequate numbers of security personnel, engineers, and other incident management staff, who can provide a sustained response?
Identifying the source of risk
Risk is another area that MSPs need to assess when dealing with data centers. Some businesses that might seem very high risk, for instance, those with many social security numbers, may be lower risk than a healthcare facility because PHI is worth far more on the dark web.
Where does the risk come from? The National Cybersecurity Centre report points to several factors ranging from geography, ownership, supply chain, and even people.
“This is where a holistic approach works because even looping in a company’s HR department to do more stringent checks on data center employees is a good idea. MSPs can’t do it all, and insider threats are an increasing one as it becomes more and more clear how valuable data can be,” Jefferson suggests.
MSPs with data center clients also need to perform annual or bi-annual security audits. As more computing moves to the edge, software solutions evolve, and hardware ages (or is replaced), MSPs need to stay on top of this. “In a year, with all the moving parts that a data center has, the security solutions you devised on January 1 may be completely outmoded six months later, so we recommend bi-annual or, at the very least, annual assessments of data center security,” Jefferson says.
Updating data center insurance policies
Another piece of advice for MSPs with data centers as clients is to review and update insurance policies. “A breach of a data center can have a devastating effect that ripples out in so many directions that you want to make sure your liability policy covers all eventualities,” explains Jefferson.
Still, despite the risks, data centers are a super opportunity for MSPs. “Data centers are growing in importance and number and there just isn’t the IT talent out there to service them. MSPs can fill that gap,” Jefferson concludes.
Photo: Gorodenkoff / Shutterstock