Cyber security gets a lot of headlines, and rightly so. Cyber threats to data centres are constantly evolving, and at ServerChoice we go to great lengths to build our security resilience.
However, alongside this focus on cyber threats, the best data centres take a holistic approach to their security, focussing on both physical measures and operational technology (OT) just as much as information technology (IT). Data centre cooling systems, server hardware and even light switches can be integrated with the IT systems, making a breach in the operational tech likely to lead to a cyber vulnerability.
If you're looking to migrate your data to a new provider, there are many steps you can take to ensure the entire security of your new data centre is up to scratch.
Asking the right questions
Customers exploring their options in the data centre market need to have simple questions front of mind, to make sure a provider meets their requirements - both in security and operational terms. A strong approach is to go in with a prudent mindset and ask simple questions to ensure the provider has all the basics covered.
Along with the traditional questions to ask when looking at a data centre, such as rack volume, cooling capacity, resilience of power feeds, help with relocation (etc), ask direct questions about the provider's security. How do they secure their OT? When was their last penetration test? Taking a tour of the data centre in which their servers will be stored can be enlightening. You don't need to have huge levels of technical expertise to identify tell-tale signs.
To further back up these insights, you should be drawing points of comparison with other data centres. The hosting market can be confusing for the uninitiated, and those looking for new providers need to be comparing resilience benchmarks such as networking needs, access location and points of contact. For those looking to cut through this noise, we've created a data centre checklist to help.
Legacy centres
If you are not satisfied with the responses, it is likely because you're viewing a legacy data centre. When many data centres were first built in the UK, the building and control management systems didn't have a strong security focus. Due to the cost of upgrading data centre technology, many providers delay or forgo upgrading these systems altogether.
Those in the data centre market should focus on providers who have taken clear steps to upgrade their systems over time. There are many easy indicators of this. Investing in security standards as ISO 27001 and PCI DSS are great indicator of quality, and tactics such as air-gapping key systems demonstrates a commitment to improving security and resilience. At ServerChoice, we're constantly examining how we can develop our systems, best demonstrated by the development of our state-of-the-art data centre in Harlow.
Safe and sound
Every organisation's data is highly prized in today's business landscape. Yet when looking to keep it as secure as possible, organisations need to ensure they're paying equal attention to physical and operational security as well as cyber security. No CISO wants to tell their boss a problem at their chosen data centre led to an outage or breach. By taking our suggested approach, you can rest assured that your data centre doesn't have operational vulnerabilities that can jeopardise your data.
