Data center security - a look at the other side of the firewall

In today’s cyber world nobody in his right mind, business or individual, operates without a firewall. But – did you know that around 80 percent of all security threats to organizations come from the inside? Astonishingly enough most companies focus their security resources on preventing external hackers from causing them harm, and no matter how successful firewalls and various intrusions detection/preventing systems are, they are not of much help when the attack/intrusion comes from within the organization, behind the firewall doors…

While people, or workers from within your organization can actually do far more damage to your business than any hacker, this threat is often over looked, not given enough attention or forgotten all together. A recent global study with more than 5.500 IT personnel reveals that increased threats to sensitive and confidential data are caused due to a lack of control and oversight of privileged users.

Think about it for a moment, do you (or anyone else inside your organization) really know how many of your employees, IT personnel, external contractors - or even former IT staff – have access to your critical systems and data? Or, for that sake, do you know how many of your company’s IP addresses, passwords and user names are currently floating around inside your IT department on various spreadsheets and post-it notes?

One security layer that could easily be implemented to protect against such threats is an application that manages remote access inside, as much as outside, of the organization’s data center. This would provide you with a simple way to administer IP addresses, user profiles and user rights while avoiding password sharing with external service providers. Think of it as a firewall behind the firewall - it will allow you to centrally manage and control who has access to what, and with what level of permissions, while it at the same time you can see which privileged users entered which target, from which IP address, through which access method. This will also ensure you that the right access, to the right equipment is given ONLY to the right people inside your organization. 

To learn more on how easily you can protect your internal passwords and increase the security to your own IT infrastructure, watch this video!

How long does the glue on DCIM post-it notes last?

As a top IT pro in the data center, you’re probably chuckling because you actually know the answer to that question!

When it boils down to Data Center Infrastructure Management (DCIM) monitoring your equipment is just not enough. Even the most organized IT manager has innumerable sticky notes papering their walls.  Accompanied with a host of homegrown spreadsheets dedicated to organizing the long lists of IP addresses, passwords, and multivendor equipment information you need to access and control your IT infrastructure smoothly, on a daily basis.  And that makes perfect sense – those IP addresses and passwords are things you need at your fingertips on a moment’s notice – no time to search for them when something goes wrong.

Chances are, you’ve been through this nightmare scenario before: IT is notified of an issue.  The first course of action is to open the spreadsheet, locate the name of the server, and copy and paste its IP address, password and user name info. This can require opening and closing numerous browsers and applications – something that takes dozens of mouse clicks and many minutes – before a device can be found and accessed.  Once the device is located, you’ve got to fix the problem. You may go for an RDP session and fail, attempt a KVM-over-IP connection, or even worse – need to force a reboot through the PDU, each of which starts the copy and paste process all over again. This kind of downtime adds up. Over a typical shift, the wasted minutes can easily turn to wasted hours of valuable work time just searching for the right information.

What you need in order to safe guard your DCIM system, is a central access console, a singular control panel, where you can see and capably manage all of your computing resources no matter where they are physically located –from the network closet to an off-site data center to a co-location facility in another city or state. - But make sure to choose the right solution!

Here is a checklist you should use when selecting a remote access management (RAM) solution that will strategically fit your DCIM system in place. Ask yourself if the solution does all seven of these things:

1. Supports a wide range of vendors: Select a solution that prevents vendor lock-in; make sure it supports all the equipment acquired over the years and offers the ability to add any brand of IT equipment – PDU, IP KVM switch, console server, or other network device in an unlimited array of vendor options.
2. Integrates in-band and out-of-band access options: A seamless combination of the two means, even if the blue screen of death appears, crashed servers can be restarted and downtime minimized with one-click KVM over IP access from the same pane of glass used for everyday maintenance.
3. Simplifies access: What makes a remote access solution truly powerful is a combination of one user interface, one url and one set of security rules.  When it comes to remote access management as part of DCIM, simplicity is king.
4. Provides seamless access to power control: The only way to avoid disastrous mistakes like rebooting the wrong server is to have full control of the PDU from within the remote access management solution’s user interface.
5. Maximizes tools that have already been deployed: Don’t throw out what works!  A must-have in remote access management is the ability for the IT staff to continue to use the existing remote access tools they find most effective and comfortable under a larger, more efficient and secure remote access umbrella.
6. Overcomes implementation challenges: Look for a solution that can be installed in hours – not a month and not a week.
7. Increases IT efficiency while maintaining security: Select a secure remote access solution that authenticates users with the organization’s own active directory, assigning user names and passwords created according to profile and task assignment.

What this all means is that Remote Access Management and Data Center Infrastructure Management are inextricably linked! Or in other words - if you don’t have a RAM, you really don’t have DCIM.

And if that’s not enough, just think how nice your wall will look without all those post-its on it...

What do slices of a hot Pizza have to do with DCIM?

No Data Center Infrastructure Management (DCIM) is complete without a Remote Access Management system in place!

The Full DCIM Pizza

Yes, you heard right. Now, you are probably asking, what does Remote Access Management have to do with DCIM?

The answer is - A lot! Today infrastructure equipment at all levels is becoming more important and more critical to the smooth operation of data centers, in other words, it has direct impact on lowering costs, tightening security and increasing efficiency. But DCIM is not only about monitoring and planning, it is also about managing all your access control tools and methods.

Remote Access Management (RAM) is one of the most vital slices of the DCIM ‘Pizza’ that is not getting the full attention it deserves. So let’s cut the chase and state it clearly: All other DCIM slices, as important as they may be, are compromised if you cannot manage the access to your data center infrastructure!

Think of the ordering process of a hot, sizzling family Pizza – the pictures on the website look awesome, you can practically “smell” the Pizza over the phone. The person taking your order is sweet and polite, you get all the flavors you asked for and you even get a special price for being such a nice guy, but – all this is worthless without a fast and reliable delivery that brings the Pizza hot and sizzling to your doorstep…  

So why don’t you take a closer look at your overall DCIM strategy and make sure that you have all the slices in place, and not missing the management of your remote access!

Minicom Will Introduce New Version of Remote Access Management Solution at Data Center World

We are introducing an Enterprise Edition of our remote access management platform, AccessIT™, at Data Center World, presented by AFCOM, Las Vegas, October 3rd - 6th.

AccessIT Enterprise Edition is ideal for:
· Businesses with remote branches
· Testing labs with a large number of servers and simultaneous remote users
· Large, "lights-out" data centers where remote access is the only means of accessibility
· Any organization that relies heavily on IT uptime

Designed to meet the needs of large organizations, AccessIT Enterprise Edition can accommodate more than 250 servers and network devices, and more than 10 users.

Visit us at Data Center World (AFCOM), Las Vegas, Nevada, October 3rd through 6th, 2010, Booth #329.