Data centers should be treated like critical infrastructure

SECURITYData centers should be treated like critical infrastructure

The cost of a single failure in a data center is counted in amounts ranging from $100,000 to a million dollars. These facilities process enormous amounts of information and are responsible for processing all the online activities that society perform. Therefore, they require precise protection from digital threats, natural disasters, and human errors. According to Vertiv experts, the security of data centers should be treated as a top priority, similar to the protection of critical infrastructure.

There are nearly 11,000 data centers worldwide, and 136 in Poland. Among the largest Polish providers of such services are Vantage Data Centers, Data4, Atman, Google, and Microsoft. The development of the data center industry in Poland is accelerating, and the number of investments for its growth is increasing – 1.35 billion zlotys will be allocated for the expansion of Atman’s facilities, and a billion zlotys will be the investment in new buildings for the Data4 group.

Data centers are responsible for the continuity of essential digital services, including internet banking, e-commerce, social media platforms, or corporate data storage in the clouds. Industries such as energy, finance, fintech, medicine, and logistics depend on the proper functioning of data centers.

A failure of these facilities can cause interruptions in critical services, resulting in considerable financial losses, business disruptions and customer service disturbances, or a company’s reputation loss. Moreover, any disruption of their operation can endanger ordinary citizens. Everyday life is increasingly dependent on technology. If, for example, a data center responsible for traffic light operation fails, the risk of increasing the number of traffic accidents rises. Because of their key role in providing many essential services, those facilities need to be adequately protected.

Critical infrastructure is mainly associated with facilities such as power plants or water supply systems. However, without data centers, their daily operation would be significantly hindered, and in some situations, downright impossible. Public institutions, which store their data on servers, would also face challenges-emphasizes Krzysztof Krawczyk, Senior Application Engineer at Vertiv.

Data center cybersecurity is essential

According to Uptime Institute data, there are 10-20 major IT failures in data centers worldwide each year, causing severe consequences. These facilities process an immense amount of sensitive information, making them a particularly attractive target for cybercriminals. There are many techniques of cyberattacks that data centers are exposed to. The most common include DDoS (Distributed Denial Of Service) attacks, exploiting vulnerabilities in cloud infrastructure, or ransomware. The consequences of cyber attacks are severe and can be irreparable. As was the case with the Nayana hosting company, which fell victim to a ransomware attack, resulting in thousands of customer websites being down for several weeks, and despite paying a ransom, the company failed to recover all the hijacked data.

Key elements of a digital threat protection strategy include anomaly detection systems and intrusion prevention systems. Software should also be regularly updated, and advanced authentication mechanisms should be used. Moreover, regular security audits should be carried out to highlight any potential problems -explains Krzysztof Krawczyk.

Protection against natural disasters

Lack of adequate protection against floods, storms, earthquakes, or fires can have severe consequences for data center providers and users. In 2021, as a result of a massive fire, OVH’s data center in France was destroyed, with over 30,000 servers being destroyed, resulting in 3.6 million non-functioning websites. With climate changes and the occurrence of extreme weather events, protecting data centers from such threats is incredibly important.

Another critical aspect of protection is to implement early warning systems, which will automatically trigger all emergency procedures in case of a potential threat. Advanced fire suppression systems should be considered to protect servers from fires. A great solution will be gas extinguishing, which doesn’t damage electrical equipment. Another essential element in protecting data centers is georedundancy. It assumes the storage of copies of data and system resources in different locations, in case there is a disaster in one of them. Storing these replicas in geographically diverse regions ensures business continuity-points out Krzysztof Krawczyk.

Atmospheric phenomena can also cause damage to power infrastructure and lead to power supply interruptions. The risk of disrupting operational continuity of systems is minimized by UPS power supplies and power generators. They protect equipment against voltage surges and over-voltages resulting from severe storms and allow for safe shutdown of systems in case of extended power supply interruptions.

Staff training will minimize the risk of human errors

Data centers also require appropriate safeguards against threats resulting from human action – they could be, for example, equipment failures resulting from incorrect configuration. In 2023, human errors, either indirectly or directly, were the reason for even 80 percent of disruptions. Therefore, it is worth investing in staff training, as a mistake in using equipment or ignoring a digital threat can have serious consequences, such as data loss or system downtime. Training should focus on both the technical aspect and cybersecurity issues. To minimize the occurrence of errors for which personnel are responsible, regular security audits should be performed, and guarantees that devices are configured and handled correctly are necessary.

Data centers are the foundation of modern digital infrastructure and should be equipped with advanced security systems. Failures and disruptions in these facilities’ operation are not only extremely costly but can also cause disruptions of critical services, e.g., healthcare facilities or transport companies. Data centers are now part of the critical infrastructure and should be treated as such in terms of ensuring an appropriate level of protection against all forms of danger.

Source: https://managerplus.pl/ekspert-centra-danych-powinny-byc-traktowane-jak-infrastruktura-krytyczna-32924

Check out our other content
Related Articles
The Latest Articles