How Companies Make Their Data Centers Hacker-Proof

Data Centers Hacker-Proof

Cloud computing naysayers have long cited security and privacy as their number one concerns. While more and more companies are adopting cloud services, many corporations and small businesses are still hesitant to embrace the cloud because of concerns about lax security and hacker attacks.

Companies like Microsoft, Google, and Amazon claim to have extremely strong security and have never reported a major security breach. But smaller companies like Dropbox and Zappos have, but the breaches were typically due to internal programming bugs. The question is, should consumers believe that their data is safe with major cloud players? Can cloud computing giants really deliver on their security promises? The answer, in most cases, is a resounding yes.

The largest U.S. data centers are almost always certified by the federal Government under programs like FISMA and SAS 70 Type II certification. Cloud companies that hold these designations have implemented physical and cyber security measures.

Data center security starts with physical security. Large data centers typically employ a sizable number of armed guards, as well as technological measures such as high-resolution video monitoring, motion tracking, and analytics software, biometric and/or electronic keycard locks, and extremely strict policies on who has access to servers and other sensitive equipment. Employees are also subject to background checks and screenings as thorough as possible for non-defense organizations.

Companies employ multiple methods to ensure data security. These typically include both data/disk encryption and “data obfuscation,” a process in which even unencrypted data is made illegible to humans and standard computer programs. Obfuscated data is only rendered in clear text or images once it is relayed from the server backend to proprietary frontend interfaces, such as Gmail, Hotmail, and QuickBooks Online. Companies also go to great lengths to ensure physical data security. Deleted data is destroyed using complex wiping algorithms and then overwritten by other real data. Discarded hard drives are physically destroyed, rendering data recovery impossible.

At the network level, cloud companies deploy both human analysts and highly complex algorithms to analyze network packet traffic and look for any anomalies. Suspicious packets are automatically dropped and IP addresses blocked if necessary. Most companies also employ complex security protocols that require any service contacting data center servers to possess a uniquely assigned internal identity. If a network query cannot identify itself as a legitimate request from an internal service, then the connection is terminated. Other network security measures include complex, multi-level routing to detect and block malicious activity, and advanced firewalls.

At the operating system and physical server level, companies typically develop their own flavours of Linux or UNIX which are unknown outside the company, almost impossible to target with Malware and viruses due to both software security measures and their obscurity, and constantly updated. Servers are also only accessible by authorized employees with unique identification numbers, and all activity is logged and monitored by both automated software and human supervisors.

Overall, data center security is extremely sophisticated and constantly evolving, leaving virtually all hackers in the dust and making it all but impossible for internal employees to inappropriately access customer information. No contemporary computer system can be completely secure, but most businesses’ data is far less secure on their own servers and computers than it is in a federally certified data center.

By Robert Shaw

Cloudways

Episode 1: Why Small and Medium Sized Businesses Need an MSP

Small and Medium Sized Businesses Need an MSP Small and medium-sized businesses don’t enjoy the benefits of a large IT department. What should they consider when it comes to handing over their data to a ...
Signal Messenger: How to Successfully Resist Wiretapping Attempts

Signal Messenger: How to Successfully Resist Wiretapping Attempts

Successfully Resist Wiretapping Attempts Against the backdrop of events in the US, the popularity of the Signal secure messenger has grown sharply - from 6,000 to 26,000 downloads per day. This software uses strong cryptography ...
Virtana

Episode 8: Managing Cloud Strategy During the Chaos of 2020, Plus an Outlook for 2021

An Interview with Kash Shaikh, CEO of Virtana Companies are wrestling with the idea of moving to the cloud, staying on-prem or finding a hybrid solution. Kash Shaikh, the new CEO of Virtana, looks at ...
Efficient Dispatch Operations with Spare Location Intelligence for DSPs

Efficient Dispatch Operations with Spare Location Intelligence for DSPs

Digitally transform operations of field technicians, design & planning team to reduce overall MTTR by 45% Most of the Digital Service Providers (DSPs) are struggling with the rising cost of repeat-dispatch and a higher Mean ...
Meta Data

Data-Driven PPC and The Benefits Of Drilling Down On The Data

Drilling Down On Big Data Running a pay per click campaign for your business, which isn’t driven by detailed metrics, offers no more than the hit-and-hope approach which a billboard in the 80’s may have ...
Tunio Zafer

Questions To Ask Every Cloud Storage Provider

Cloud Storage Provider Questions As with many new technologies, attitudes toward cloud storage vary. Telephones were immobile; wearables perhaps unwarranted. And now, the global cloud storage market was estimated at $21.1 7 billion in 2015, ...