The Data Center Threat Landscape in Asia & Globally?

Nick Parfitt, Senior Global Research Analyst, DCD GroupDCD is one of the world’s leading manufacturing & engineering company which provides solutions in the sectors of the railways, mining & energy, defence and marine.

The threat to data centres takes two main forms -Physical disruption to the facility infrastructure and cybersecurity threats to the IT that it houses. In common with the changing profile of the data center, these threats are merging - it would be possible, for example, to disrupt a data center’s operations through infiltrating the IT that runs it. Greater attention is being focused on security globally and in Asia. This is the consequence of data centres becoming more central to modern lifestyle and business and this trend will continue - think of what might happen if the digital systems behind an autonomous vehicle or surgeries via robotics are compromised. The increased threat landscape is also a consequence of the growing and evolving network architectures which link data centres with each other and with customers and which have been a key to the development of cloud. Cyber attacks have become increasingly more sophisticated and targeted and include(among other things)the most common current security threats. The cyber level faced nowadays include: DDoS attacks, Web Application attacks such as SQL injection and cross-site scripting,Brute Force Attack, Ransomware, DNS Infrastructure Attacks, Malware including Trojans,'viruses' and 'worms', Phishing(illegitimate requests for information and passwords), Advanced persistent threats, Social media threats and many others. Like natural viruses that can adapt to anti-antibiotics, so do these threats can adapt to defences put-up against them.

The growing connectivity between data centres globally also means that trying to distinguish between the threat levels in different markets or different areas of the world is more difficult - data traffic of whatever kind has little respect for national boundaries. Physical threats to data centres also have changed. As the trend has been away from housing data in enterprise data centers to larger colocation and data center services facilities and to access services from cloud providers so there is now a generation of web scale and hyperscale data centres that are far larger, more open and more publicised than has been the case in the past. Security measures have been developed to continue to protect these facilities both outside and inside, while
remembering that security also needs to let in people who are authorised to enter.

How the security requirements and approach need to change to keep-up with the pace?
The basic requirements of security both physical and logical remain unchanged - that is to challenge rather than accept and to do so 100 percent as far as is possible. The development of technological solutions per se does not guarantee security-deployment, agility, training, being proactive in establishing and revising security protocols mean that it is the operation that is critical. This is not new but there is now an increasing urgency to taking security measures.

"As the world gets more digitalized, so do the data centres will need to do even more to maintain availability"

Security is thought about as facilities and systems are designed rather than being added on as an after thought. Across the Asia Pacific (based on DCD’s survey of 797 industry professionals in January 2018), improving security (both physical and cyber) is the key investment driver for decision relating to data infrastructure (60.2 percent). A high majority - 89.3 percent of the sample - also agree that security management is now the key factor in maintaining availability. Therefore, to ‘keep-up with the pace’ means implementing security that is able to adapt to provide consistent, constant and intelligent protection across evolving and hybrid data center models against advanced and evolving threats. Today’s defence against cyber-threats will be real-time, continual and immediate in response. It will usually involve multiple layers of cyber-defence so if one is breached, the next can step-up, it will be automated and use multiple points of data collection(IoT)to make decisions and to evolve the protocol necessary to maintain protection. The processes for the physical security of the data center will include new technologies such as biometrics, automated access or denial of access based on this. It will be able to identify who or what the physical threat may be based on database matching of photographs or number plates.

What are some interesting trends and common pain points in the industry?
There are a number of trends that are shaping data center markets. The first is the continuing move from in-house data centers into facilities and services provided outside the organisation ('outsourcing'). As a related trend is the move away from legacy IT (physical servers) towards nonphysical,'dematerialised' infrastructure and components. This includes components and services that are created within and sourced from virtualised, cloud-based or software-defined environments. The pain points aside from security are accessing the resources required to meet the increasing demand for data center facilities and services,among enterprise sectors. Resources may include money, power (in particular power sourced from sustainable sources), water, connectivity, staff/skills, access to quality outsourcing facilities and services.

Future outlook for DC/Cloud security in Asia?
It is fairly much a continuation of the chess game as described above between threats (at both the cyber and infrastructure levels) and defences. As the world gets more digitalized, so do the data centres will need to do even more to maintain availability. Increases in the number of automated and lights-out facilities and the levels of connectivity between data infrastructure will increase the risk profile. This means that companies will need to look very carefully at the risk profile they need to adopt for their infrastructure. Security will be looked at as part of this process and also as part of the evaluation of overall data health. Increasingly, sophisticated algorithm-based techniques can be used in conjunction with big data analytics,not just to identify security threats, but to diagnose the wider principle of 'data health'. Data anomalies, where the 'norm' has been established on the basis of prior empirical learnings do not necessarily mean a threat. Therefore, the ability to distinguish between data anomalies and genuine threats will become increasingly important in order to identify and deal with threats efficiently rather than engaging on wild goose chases.