Escolha uma Página

guarding the data center

Data center operators – especially those who offer space and services to the public – are constantly guarding their infrastructure. Not an hour goes by that doesn’t bring a new would-be attacker. Most data center operators deal with a constant influx of hackers from remote countries just trying to gain access to their network, pinging and trying to get in. At the same time, those very data center operators are made vulnerable through the actions of their tenants. If someone can access a customer’s installation in the data center, they can potentially gain access to every other customer in that facility, a scary thought for those that make their money selling space, services and security.

It’s a recipe for disaster for many organizations, according to the 2014 U.S. State of Cybercrime Survey, which is created and developed by CSO Magazine along with the U.S. Secret Service, the Software Engineering Institute at Carnegie Mellon University and PwC.

The numbers are extreme. According to the report, enterprise detected – on average – 135 security incidents per organization. There are no hard and fast incident costs since two-thirds of all those surveyed could not put a number on their losses. Those that could averaged $415,000 per incident. The report detailed eight common deficiencies. One of the key issues: Organizations are assessing for threats. Nearly half of organizations surveyed (47%) are not performing periodic risk assessments.

One of the tools that should be included in an assessment is real-time threat detection, and there are some organizations that are making use of this technology. “Real time detection and reporting capabilities are really important,” agrees one data center vice president of information technology and process management at a U.S.-based midsized data center provider. “You’re not going to keep everything from entering the network, but you need to make sure you are tracking what’s going on and implementing appropriate enforcement at the right time.”

Another IT executive at a large, multinational ecommerce player puts it even more succinctly: “We’ve faced literally thousands of attacks. You’re going to be owned. Someone is going to break through, so you do your best to secure the perimeter,” explained the director of data center operations for the organization.

He compared managing a large data center to the protection and redundancies that are built into a submarine: “You layer in water-tight doors so if there is a breach you can close off that area. You may lose a compartment, but the ship remains unscathed.”

How is your organization handling real-time threat detection? If you were part of the State of Cybercrime survey how would you do? It’s a question that every organization should be asking of their IT department.

Hillstone Adds Botnet C&C Prevention to StoneOS

Vulnerability Notification: Microsoft Windows Shell Zip File Remote Code Execution

Vulnerability Notification: Cisco Adaptive Security Appliance Webvpn XML Parser Double Free

Announcing Enhancements to Hillstone Networks CloudView

Announcing the Hillstone Server Breach Detection System 2.1

Vulnerability Notification: Adobe ColdFusion Deserialization

Vulnerability Notification: Oracle WebLogic Server XmlAdapter Deserialization

Statement on Vulnerability: Hillstone Networks does not use Intel Processors in its NGFW

Hillstone Responds to Bad Rabbit Ransomware