|By Matt Smith||
|April 8, 2014 03:00 PM EDT||
Securing your data comes down to making both physical and virtual changes to your data center. From interior and exterior surveillance systems to software that detects system-level changes across remote and distributed locations, you must make use of any and all available strategies to secure your data from interior and exterior threats.
You need to upgrade your data center for a number of reasons, from reducing risk to increasing service availability. The recent attacks on financial services and online retailers give you another reason to rethink your data security measures. Learn how to implement sound ideas and strategies to protect your data and keep your data center secure against potential threats.
Control Physical Access
Although you have a lot of work to do in order to secure your data on the network side, you still have to control who has access to each system or the network layers. Use key cards to enter rooms, and supply badges for people with certain clearance permissions. Use a guard to escort visitors in the data center, and watch all activity using surveillance cameras. Also, limit your entry points into the building.
Protect the Data Center from the Inside and Out
Keep all data-sensitive servers behind locked cages. Construct a fence around the perimeter of the property with a guard on duty. Use trees, shrubs and other landscaping to hide the data center from the road. Remove the words "data center" off any signs. In addition, only use windows where appropriate. If you have windows in server areas, make sure to use laminated glass to prevent intruders from breaking in and stealing the equipment.
Prohibit Food in Secured Areas
Your data center needs a commons area where people can eat and drink without risking the computers and other sensitive equipment. Keep all drinks away from the servers, and mark all computer doors with "no food or drink" signs.
Secure Your Network
Once you tackle the physical security of your data center, you must focus on securing your network. Have the security administrators set strict rules for both incoming and outgoing traffic. Deploy certain systems, such as mail servers, to subnetworks that attach to virtual local-area networks. Use security monitors or data-leakage prevention monitors to watch traffic and look for bizarre activity.
Scan for Vulnerabilities
Use app-scanning tools to look for application vulnerabilities. Hackers consistently look for vulnerabilities that they can exploit, so you need to scan an app before publishing or using it over the network. In addition, scan any newly written source code for vulnerabilities or buffer overflows.
Protect the Data from a DDoS Attack
Firewalls alone do not always provide effective solutions for distributed denial-of-service attacks, or DDoS. In fact, many hackers trick the firewalls into allowing them inside a trusted client's firewall. Use a reliable application DDoS software to determine legitimate traffic from bogus attacks. Set up an Intrusion Prevention System, or IPS, in front of your data center assets to find malicious worms and prevent attacks.
Use a combination of firewalls, IPS and SSL devices to protect against hackers, and protect your network with security and data-leakage prevention monitors. Set up security around the perimeter of the building to prevent intruders, and install surveillance cameras to watch for internal and exterior sabotage. Restrict permissions to data-sensitive rooms, and make important rooms available only with a key card.
Never underestimate a hacker on the network or an intruder from stealing sensitive information from the data center. Take all precautions from the beginning of the center's construction, or upgrade the center according to the latest security standards. From guarded entryways to Intrusion Prevention Systems, you can secure your data and protect your business.
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture. Moderated by Andi Mann, panelists discussed how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations might...
Mar. 29, 2017 06:30 AM EDT Reads: 6,243
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem" ...
Mar. 29, 2017 06:00 AM EDT Reads: 9,029
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, will discuss how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He will discuss how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
Mar. 29, 2017 06:00 AM EDT Reads: 2,807
The essence of cloud computing is that all consumable IT resources are delivered as services. In his session at 15th Cloud Expo, Yung Chou, Technology Evangelist at Microsoft, demonstrated the concepts and implementations of two important cloud computing deliveries: Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). He discussed from business and technical viewpoints what exactly they are, why we care, how they are different and in what ways, and the strategies for IT to transi...
Mar. 29, 2017 05:00 AM EDT Reads: 6,402
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
Mar. 29, 2017 04:00 AM EDT Reads: 15,077
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
Mar. 29, 2017 04:00 AM EDT Reads: 3,175
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Mar. 29, 2017 03:45 AM EDT Reads: 2,129
Virtualization over the past years has become a key strategy for IT to acquire multi-tenancy, increase utilization, develop elasticity and improve security. And virtual machines (VMs) are quickly becoming a main vehicle for developing and deploying applications. The introduction of containers seems to be bringing another and perhaps overlapped solution for achieving the same above-mentioned benefits. Are a container and a virtual machine fundamentally the same or different? And how? Is one techn...
Mar. 29, 2017 03:30 AM EDT Reads: 3,208
Niagara Networks exhibited at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
Mar. 29, 2017 03:30 AM EDT Reads: 3,348
Extreme Computing is the ability to leverage highly performant infrastructure and software to accelerate Big Data, machine learning, HPC, and Enterprise applications. High IOPS Storage, low-latency networks, in-memory databases, GPUs and other parallel accelerators are being used to achieve faster results and help businesses make better decisions. In his session at 18th Cloud Expo, Michael O'Neill, Strategic Business Development at NVIDIA, focused on some of the unique ways extreme computing is...
Mar. 29, 2017 03:30 AM EDT Reads: 11,750
My team embarked on building a data lake for our sales and marketing data to better understand customer journeys. This required building a hybrid data pipeline to connect our cloud CRM with the new Hadoop Data Lake. One challenge is that IT was not in a position to provide support until we proved value and marketing did not have the experience, so we embarked on the journey ourselves within the product marketing team for our line of business within Progress. In his session at @BigDataExpo, Sum...
Mar. 29, 2017 03:30 AM EDT Reads: 3,209
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
Mar. 29, 2017 03:00 AM EDT Reads: 6,066
Information technology (IT) advances are transforming the way we innovate in business, thereby disrupting the old guard and their predictable status-quo. It’s creating global market turbulence. Industries are converging, and new opportunities and threats are emerging, like never before. So, how are savvy chief information officers (CIOs) leading this transition? Back in 2015, the IBM Institute for Business Value conducted a market study that included the findings from over 1,800 CIO interviews ...
Mar. 29, 2017 01:45 AM EDT Reads: 5,439
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
Mar. 29, 2017 01:15 AM EDT Reads: 2,486
"We host and fully manage cloud data services, whether we store, the data, move the data, or run analytics on the data," stated Kamal Shannak, Senior Development Manager, Cloud Data Services, IBM, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Mar. 29, 2017 01:15 AM EDT Reads: 9,279