Steps towards server security
28th Jan 2013 | 07:30
How secure are physical servers from theft, and how does this fit with back-up services?
As the cloud begins to dominate how businesses manage their vast array of data, the physical security of the server hardware is often overlooked. In 2011 an exchange for the Vodafone network was attacked with thieves targeting routing equipment. If your business's servers were stolen, do you have adequate data back-up regimes in place?
As the server landscape has changed so has the attraction of these pieces of hardware to thieves. They were once specialist pieces of equipment that were hard to resell, but have now become commodities that find their way onto a black market that is ready and waiting to resell.
For IT managers the physical security of their servers goes hand-in-hand with the data backup that ought to be in place. With physical security there are a number of points to bear in mind.
One of these is whether the data centre being considered has been purpose built or is it a building that has been repurposed? If the latter, look for areas such as windows that have had their hinged left on the outside, making it easy for thieves to simply take out the hinge pin and lift the entire window out of its frame.
Does the building have limited entry points that have some form of identity authentication such as swipe cards or biometric identification devices? Do all doors have alarms including the fire doors that are mandatory? And do CCTV cameras cover your data centre building adequately and are there any blind spots?
In essence, the closer a person gets to the servers at the heart of the building the more layers of security they should have to pass through. This should be right up to the server cabinets that ought to have a key lock or a keypad for access.
Safe as houses?
One of the key roles of an IT manager is to mitigate the risks that their physical servers face, and the precious data they contain. Ensuring the physical servers are protected is the first step, but a full data backup and recovery plan should also be in place.
IT managers should be paying close attention to the changes that Windows Server 2012 offers with data backup and recovery. The key new development is Storage Spaces, which creates a pool of storage that looks and acts just like a single hard disk.
Coupled with this is the new Resilient File System (ReFS) system that improves on NTFS with more robust data corruption control, with Hyper-V 3.0 offers live migration to any attached storage via virtual machines.
Data backup is a core component of server management. IT managers considering server security should ensure their policy equally covers the physical and virtual machines that make up their business' critical server platforms.