How Companies Make Their Data Centers Hacker-Proof

Data Centers Hacker-Proof

Cloud computing naysayers have long cited security and privacy as their number one concerns. While more and more companies are adopting cloud services, many corporations and small businesses are still hesitant to embrace the cloud because of concerns about lax security and hacker attacks.

Companies like Microsoft, Google, and Amazon claim to have extremely strong security and have never reported a major security breach. But smaller companies like Dropbox and Zappos have, but the breaches were typically due to internal programming bugs. The question is, should consumers believe that their data is safe with major cloud players? Can cloud computing giants really deliver on their security promises? The answer, in most cases, is a resounding yes.

The largest U.S. data centers are almost always certified by the federal Government under programs like FISMA and SAS 70 Type II certification. Cloud companies that hold these designations have implemented physical and cyber security measures.

Data center security starts with physical security. Large data centers typically employ a sizable number of armed guards, as well as technological measures such as high-resolution video monitoring, motion tracking, and analytics software, biometric and/or electronic keycard locks, and extremely strict policies on who has access to servers and other sensitive equipment. Employees are also subject to background checks and screenings as thorough as possible for non-defense organizations.

Companies employ multiple methods to ensure data security. These typically include both data/disk encryption and “data obfuscation,” a process in which even unencrypted data is made illegible to humans and standard computer programs. Obfuscated data is only rendered in clear text or images once it is relayed from the server backend to proprietary frontend interfaces, such as Gmail, Hotmail, and QuickBooks Online. Companies also go to great lengths to ensure physical data security. Deleted data is destroyed using complex wiping algorithms and then overwritten by other real data. Discarded hard drives are physically destroyed, rendering data recovery impossible.

At the network level, cloud companies deploy both human analysts and highly complex algorithms to analyze network packet traffic and look for any anomalies. Suspicious packets are automatically dropped and IP addresses blocked if necessary. Most companies also employ complex security protocols that require any service contacting data center servers to possess a uniquely assigned internal identity. If a network query cannot identify itself as a legitimate request from an internal service, then the connection is terminated. Other network security measures include complex, multi-level routing to detect and block malicious activity, and advanced firewalls.

At the operating system and physical server level, companies typically develop their own flavours of Linux or UNIX which are unknown outside the company, almost impossible to target with Malware and viruses due to both software security measures and their obscurity, and constantly updated. Servers are also only accessible by authorized employees with unique identification numbers, and all activity is logged and monitored by both automated software and human supervisors.

Overall, data center security is extremely sophisticated and constantly evolving, leaving virtually all hackers in the dust and making it all but impossible for internal employees to inappropriately access customer information. No contemporary computer system can be completely secure, but most businesses’ data is far less secure on their own servers and computers than it is in a federally certified data center.

By Robert Shaw

Yuliya Melnik
Heroku or AWS Cloud infrastructures are gradually starting to penetrate into an increasing number of areas and various businesses. And this is not surprising because such a ploy allows you to improve internal processes, protect ...
Yuliya Melnik
DevOps Services Outsourcing The sooner you release your unique idea to the public, the higher the chance that it will receive the lion's share of the audience's attention. Delays in development can lead competitors to ...
JK Chelladurai
Usage-Based Pricing We are now in an era where many businesses are flipping their business model and shifting from subscription-based pricing to usage-based models, to better cater to the modern ‘pay-as-you-consume’ buyer. So what exactly ...
Crozdesk Business Software
B2B SaaS Comparison Platforms B2B SaaS Comparison Platforms are designed for buyers looking for additional information on a particular vendor and service. These sites help ease the complexities for buyers by providing a detailed breakdown ...
Jonathan Custance
IoT and cloud computing are on the increase High-profile cybersecurity breaches are increasingly in the news, a prime example being the NHS incident of May 2017 when services were brought to a standstill for several ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.