44
7X24 MAGAZINE FALL 2015
Edward Snowden. In 2013, his name
became linked forever with a significant
and highly publicized data breach that
rocked the world of data security. As an
authorized insider for the National Security
Agency, Snowden was responsible for one
of the most significant security leaks in U.S.
history. His actions sounded the alarm on
the rising incidence of data theft
worldwide, and the need for enhanced
security measures.
During the past several years, most
companies and data centers have focused
primarily on enhancing cyber security to
minimize threats from the outside. Yet a
growing body of evidence reveals that
internal threats to data breaches are
equally as menacing. In fact, as stated in its
2013-2014 report, Understand the State of
Data Security and Privacy, Forrester
Research (a global information technology
market research firm), found that insiders
were responsible for 36 percent of the
breaches during a 12-month period.
At data centers, insiders include anyone
who has access to the facility—employees,
clients, visitors, or contractors. The threat
they pose, whether malicious or accidental,
has been overlooked by many companies
and data centers. Although data centers
provide physical access control systems
and surveillance at the perimeter, facility, or
room levels, few offer adequate physical
access control and monitoring where the
data actually resides—at the rack level.
Vulnerability at the rack level leaves data
centers and their tenants (or clients) open
to a variety of potentially catastrophic
consequences: loss or theft of sensitive
data and/or company trade secrets;
significant fines and penalties levied by
regulatory agencies; loss of customer
(current and potential) trust and business,
and a tarnished reputation. According to
the Ponemon Institute’s 2015 Cost of Data
Breach Study, the average cost of an
organizational data breach in the U.S. in
2014 was $6.5 million. That’s a high price to
pay for an incident that could be prevented
with advanced physical server protection.
by
andre Motta
SECURING
DATA
CENTERS
AGAINST
INTERNAL
THREATS
Why traditional security methods aren’t working