Data center and IT managers are under pressure to enable faster innovation. That means deploying more devices and managing larger enterprise-to-edge networks to enable digital experiences for workers and consumers. However, this fast-paced growth has come at a cost: the security of distributed networks.
As business interruption fears due to the pandemic begin to recede, cyber risks are now the greatest concern for companies globally. That fear is justified. A penetration testing project by a leading vulnerability assessment company has demonstrated that some 93 percent of companies’ networks can be breached by cybercriminals without even resorting to social engineering.
Here are some of the greatest risks companies face right now – and how to address them by strengthening security at the rack level.
- Remote IT work to stay: A McKinsey study analysis of remote work found that 70 to 75 percent of IT work (what they call “interacting with computers”) can be performed remotely. Armed with remote network monitoring and management solutions; rack managers; and secure IP 4K keyboard, video, and mouse (KVM) devices, IT can manage complex distributed networks with ease. Empowering IT to work remotely has many positive benefits, such as providing staff with work-life flexibility and scaling to run a global operation. However, it also increases security risks, shifting attacks from network solutions and platforms to users, access privileges, and endpoints.
- Attacking users is the easiest way into networks: Cybercriminals could spend weeks studying corporate networks and strategizing how to avoid dozens of security tools. Or they can simply use a variety of strategies to gain security administrator passwords, identify areas of the network with weak controls, and enter there. For example, attackers can mine dark web password dumps, launch brute force attacks, or use social engineering attacks to gain access to credentials with elevated privileges. Once in, these system administrative privileges usually enable attackers to move across corporate networks undetected. The penetration testing survey found that cybercriminals’ preferred attack strategy was credential compromise (used in 71 percent of attacks). Once they obtained high-value system administrator access privileges, it took cybercriminals two days on average to penetrate networks. That’s an alarming statistic that should have IT and security teams rethinking their approach to strengthening IT remote access privileges.
- IT may be deploying devices with weak controls: IT is rushing to expand networks to digitize business models, products, and services. As a result, they’re deploying more devices from more vendors to gain the capabilities they need. That can mean that sites, ranging from data centers to edge sites, host devices with a variety of protocols and cipher strengths. Since it typically isn’t realistic to consolidate devices with just one manufacturer, strengthening the security of all devices by consolidating them on rack managers and behind private networks is a top priority.
IT Can Harden Networking Security with Rack Managers
While network monitoring and management platforms provide access to all devices across all sites, rack managers provide localized capabilities. The Vertiv™ Avocent® ADX Ecosystem provides both of these important capabilities. The Vertiv™ Avocent™ ADX MP 1000 Management Platform and Vertiv™ Avocent® ADX Rack Manager provide an all-digital architecture that scales with enterprise-to-edge network growth and securely support more than 100 simultaneous users.
However, importantly, the Avocent ADX Rack Manager enables data center and IT managers to create an extra level of protection for site-level devices that may have variable security. The Avocent ADX Rack Manager enables IT administrators to:
- Set up private networks for each rack: IT can host 48 devices on each Avocent ADX Rack Manager which is managed on a private network. That means devices aren’t exposed on public networks, where they can be easily found and attacked by cybercriminals. By consolidating device management on an Avocent ADX Rack Manager, IT can host devices that have weaker security but are needed for innovation or other purposes, without concern that they are creating gaps for malicious insiders or outsiders to exploit.
- Create granular access privileges: With the Avocent ADX Management Platform, IT leaders can limit the scope of access to site devices, defining who can do what to each device or device type. However, with the Avocent ADX Rack Manager, they can control access to each and every rack on site, further reducing privileges. For example, an IT administrator could only have access to rack power distribution units (rPDUs) or Linux servers at a site and be approved to execute specific functions for these devices. Or an administrator could have access to installing firmware and rebooting devices on test servers located on a single rack. Defining which devices users can see, access, and perform authorized functions on significantly reduces the opportunity for human error or malicious internal activity.
- Control which sessions can be launched: With the Avocent ADX Management Platform, IT can launch KVM, serial, service processor and virtual machine sessions on a single device. However, the Avocent ADX Rack Manager also enables IT to control which sessions can be launched on a device, adding another layer of security.
- Audit all activity: Both the Vertiv ADX Management Platform and Rack Manager enable IT administrators to audit all activity on devices. That means that IT and security teams can identify any anomalies quickly and easily. By keeping a close eye on what functions are performed, IT can identify excessive access privileges that need to be reduced, human error, or suspicious activity. As IT and security teams know, it is better to identify issues as they occur, as data breaches become more severe as days and weeks go by. By so doing, IT and security can mitigate any issues and strengthen controls.
After two years of fast-paced digital growth and escalating cyberattacks, it’s time to take a deeper look at rack security. Fortunately, Vertiv™ Avocent® ADX Rack Manager provides IT teams with private networks, granular access privileges, controls, and auditing capabilities that be used to strengthen device security.
Strengthen networking endpoint security with a best-in-class management tool that offers multiple layers of control.
Check out Vertiv’s Data Center Security Solutions.