HOME
NEWS

Protecting root cause of insecurity must for securing a datacenter


By VARINDIA - 2017-06-13
Protecting root cause of insecurity must for securing a datacenter

The world has always been vulnerable and insecure. The primary reason for the insecurity in the world can be narrowed down to greed of human beings to gain power. Human race is still finding the reason of its existence and is in a phase of understanding its purpose. Till the time this answer is found, mankind will continue to follow set of rules for the so called development that is pre-defined. This rule of development i.e. win against another human, is really dangerous and in this race to be better against other humans, poor data has become insecure

 

Coming to the point of datacenter security, there are three types of challenges we need to look at

 

* Protection against data loss.

* Protecting systems from unavailability

* Protection of data from theft.

 

If there is fire, flood or any accident that takes place in a data center, it can result in data loss and unavailability of services. On the other hand, if this is done deliberately, it is called as DoS (Denial of Service). The best method to address both these potential threats is adoption of distributed system architecture. In typical distributed architecture, the application & database are in separate layers and are distributed across multiple datacenters, with the traffic flow being handled by these multiple datacenters. The spread of data across multiple Datacenters helps eliminate the risk of data loss in case of any mishap at one of the datacenter locations as the latest copy of data is available at the other datacenter. Backups using Object storage methodology at multiple datacenters helps in keeping data safe and intact. Use of CDN service is one of the best examples that implements this kind of solution.

 

The threat of data theft can originate either from known sources and/or unknown sources. The threat & impact from known sources is always greater in comparison to that from unknown sources since the latter are not familiar with your organization or your data. Any potential threats arising through them could be protected using various security tools. On the other hand, known sources may have full information about your organization, your data, importance of that data and the attackers therefore might have an objective to cause damage.

 

The threats from known sources are primarily of two types; physical theft and remote theft of data. The probability of physical data theft in this era of Cloud and distributed systems is negligible and not a preferable approach for any intruder. Therefore the only focus should be upon mitigating virtual/remote data thefts. Remote data theft is usually done with the help of certain tools. Although the rivalry is often between humans however it is the tools which fight for humans. In the primitive era, humans used to fight without the support of any tools however over period of time, man-made tools & weapons have taken up that role. Thankfully there are many full proof protection tools available these days in the virtual world too. Tools such as antivirus, anti-malware, anti-spamming, end point protection, application control change system, and encryption can be used in appropriate combinations to tackle such threats. It is a war of tools against tools.

 

The threat of data theft is possible in case of stored data and the data which is in-transit, commonly known as data-at-rest and data-in-motion respectively. The solutions can differ based on the size of the organization. Combination of tools used to define the architecture of a small organization could differ from the ones required for large organizations. Various encryption technologies exist in the market today and these can help in mitigating the in-transit data security issues. End to end encryption right from end user up until the data storage is the best choice. For stored data, the medium and large organizations should ideally look at developing their own protocol of storing data or design their own database system. When there is a complete enclosed system and others don’t have any information about data representation and data value meaning, stealing the data carries no value. We all know there are many nations in the world who develop weapons, create fear in the world and then sell these weapons to other nations for protection. If this is possible with such huge nations, there is a possibility it may happen with security organizations too.

 

Datacenters should start adopting systems which are ‘inter communicable’ and are based on deep learning and artificial intelligence. For example, if someone has deployed a security architecture comprising of anti-virus, database activity monitoring, NDIS, IPS, end point protection, application control system and SIEM, all these systems should have intelligence to communicate with each other and pass-on threat messages to each other so that every protection system can act in time and close all possible doors to intruders. Continuous monitoring of all activities using SIEM and application behavior monitoring system is important which can identify unusual activities and instantly notify the same.

 

Good news is that the tools do not require data; therefore along with tools & protection systems in place, there is a dire need to work on the root cause of insecurity too.

 

Anil Chandaliya
Chief Innovation Officer.
ESDS Software Solution Pvt. Ltd.
Website: www.esds.co.in | Email: anil@esds.co.in

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA