The page you're viewing is for French (Canada) region.

Travailler avec un représentant du fabricant Vertiv permet de configurer des conceptions complexes en fonction de vos besoins uniques. Si vous êtes une organisation à la recherche de conseils techniques sur un projet d’envergure, Vertiv peut vous fournir le soutien dont vous avez besoin.

En savoir plus

De nombreux clients travaillent avec un partenaire revendeur Vertiv pour acheter des produits Vertiv destinés à leurs applications informatiques. Les partenaires disposent d’une formation et d’une expérience approfondies et sont particulièrement bien placés pour spécifier, vendre et assurer le soutien de solutions informatiques et d’infrastructure complètes avec les produits Vertiv.

Trouver un revendeur

Vous savez déjà ce dont vous avez besoin? Vous recherchez la commodité de l’achat en ligne et de l’expédition? Certaines catégories de produits Vertiv peuvent être achetées auprès d’un revendeur en ligne.


Trouver un revendeur en ligne

Besoin d’aide pour choisir un produit? Parlez à un spécialiste Vertiv hautement qualifié qui vous guidera vers la solution qui vous convient.



Contacter un spécialiste Vertiv

The page you're viewing is for French (Canada) region.

Protecting the data centre from cyberattacks

This piece originally appeared on the June/July 2017 issue of Australian Security Magazine.

Hardly a week goes by without widespread coverage of a new threat, attack or breach of a large organisation that affects thousands of stakeholders reliant on it. The WannaCry ransomware attack is still fresh on our minds and the scope of its damage is still being realised. Cybersecurity is far more than ones and zeros – we’re all part of the ‘cybersecurity defence system’, not just information security consultants and IT departments.

How Australia is faring

Australian organisations are no exception when it comes to cyberattacks – CERT Australia, the main point of contact for cyber security issues affecting major Australian businesses, responded to almost 15,000 incidents in fiscal year 2015-2016. This number only reflects the number of reported incidents. With cybercrime on the rise and mandatory breach disclosure on its way within the next year, we could see this number rise sharply.

So who is being targeted? Unsurprisingly, high-yield targets such as Energy and Banking come out on top. Of the incidents responded to by CERT Australia in that timeframe, more than one third were directed at Energy and Banking.

It’s important to recognise that random or targeted attacks on one specific organisation have a knock-on effect to consumers and other sectors and organisations. This effect is increasing as we create more IT-related interdependency – the growth of IT services, cashless transactions, and the overall journey towards IoT means cyberattacks will have an increasingly heavy and more widespread impact.

Targeting the data centre

Most people associate cyberattacks with software – attacks coming through malware, emails, etc. However, in this connected world the data centre itself is by its very nature the main point of connection between an organisation and its third-party suppliers, and indeed the outside world. It is a high-risk area, make no mistake.

Data centre outages can cripple a business, particularly as reliance on IT services increases. Cybercrime is the second leading and fastest growing cause of data centre outages worldwide.

The various nodes of access within any data centre – wire, fibre, airwaves, etc. – need to be protected from intrusion as skilled actors can use them to access the data centre, and all the valuable data it stores. Fibre, network and communication nodes are generally considered the most likely targets, especially for the infamous DDoS attack, the kind that took down more than a dozen prominent websites last year, including Twitter, Spotify, Netflix and Amazon.

How to protect your data centre

Businesses now want a clear understanding of existing cybersecurity provisions and situational awareness. This means a comprehensive plan addressing every aspect including firewalls, threat detection, anti-virus management, tools, patches and software revision control.

On the data centre side, it means specific actions such as mandatory data centre infrastructure management (DCIM) deployments to assess unused or underused assets within a data centre – idle servers are prime targets for Trojan Horse attacks, IT compartmentalisation, improved infrastructure resiliency and more.

While there is no clear, universally agreed-upon strategy or footprint to protect the data centre, there are plenty of actions you can take to keep it safe.

  • Establish a perimeter, likely the data centre itself but possibly including rooms around it
  • Build an inventory of all IT, network, storage and IP assets, as well as anything connected either directly or remotely
  • Remove unused assets
  • Identify all data centre users – assign unique access and usage policies
  • Change the passwords at least every 90 days
  • Create a mandatory admin policy that begins with changing all Original Equipment Manufacturer (OEM) default settings before starting a network connection.

Other steps you can take are attending a local data centre users’ group meeting or conference, where you can speak to or hear from a local expert on what the current threats are and how to mitigate them. You could also hire a white knight to provide the brutal truth on any weaknesses in your data centre.

Global standards may be on the horizon too – The European Union’s General Data Protection Regulation, adopted in May 2016 and expected to come into effect by May 2018, will hopefully include detailed recommendations for data centre cybersecurity that can be applied globally.

It’s not worth neglecting – putting the investment in now to secure your data centre will be far less costly, both in financial terms and customer and reputational damage, than dealing with the fallout from a successful cyberattack.

PARTNERS
Survol
Consultants Corner

Langue et localisation