As more companies turn to the cloud for data storage, security concerns are rising. The current solution for protecting IT infrastructure from data breaches and network failures is a combination of software and hardware defenses.
The current major trend in the evolution of IT infrastructure is the widespread migration of computing and storage resources from on-site data centers to the cloud. With this major shift, firms can easily spool up more capacity with a few clicks, instead of maintaining costly physical hardware in their own data centers. This shift is allowing companies to operate much more flexibly with the way they consume compute and storage resources, unlocking the sought-after business benefits of “agility” and “scalability.”
The widespread move to the cloud has been underway for a few years now, and in 2019 the topic on everyone’s minds is security. The cloud and hybrid on-site/cloud IT infrastructures in use today are much more complex than IT infrastructures were just a decade ago, and there is significant concern that yesterday’s security best practices are losing relevance.
On the software side, firms are using auditing tools to identify security risks on the IP level to overcome the problems increased infrastructural complexity poses. These are necessary developments, but hardware-level security in the cloud computing age has changed tremendously as well.
The use of keyed connectors can be a valuable strategy in protecting data centers. It is much more difficult to switch cables and cause intentional or accidental harm when a connector features a unique keying design. Only the proper connector and port can be matched. Belden’s patented Brilliance LC keyed connectors and adapters (patch cords, pigtails, frames, and cassettes), use the FiberExpress ultra-high-density small form factor (SFF), in addition to field-termination options, tamper resistant key design, and 12 color-coded keying options.
All the Eggs in one Basket
In the past, companies usually administered the physical security of their data centers and other IT infrastructure themselves. Today, many companies buy cloud computing resources from companies like Amazon Web Services (AWS) and Microsoft. So how do big cloud providers ensure the physical security of their data centers? And what does storing so much of a company’s data and computing, including mission-critical applications, in the cloud mean for the overall effectiveness of security?
Inherent in the migration to the cloud is the reality that more and more critical data is being stored physically in fewer and fewer places. However, this means that every company that buys cloud services from one of the major cloud providers has access to state-of-the-art security, both on the software side and on the physical side. Startup companies can buy only the capacity they need, and also have those computers physically protected by Amazon’s security.
Amazon advertises that its data centers are protected by four layers of security: an environmental layer, where everything from sustainability to environmental risks are considered; the infrastructure layer, which makes accommodations for things like fires and power outages; the perimeter layer, which includes guards and fences; and the data layer, which includes advanced access controls for customer data.
While it’s true that these AWS data centers are far more physically secure than what many of their customers could achieve on their own, their number is limited. In spite of the environmental security layer, could a natural disaster or a deliberate attack damage what is quickly becoming the backbone of companies’ ability to deliver digital services to its customers? Amazon contends that the possibility is remote, since its environmental security includes a backup system to ensure that a natural disaster impacting a specific region wouldn’t be able to take data offline across the service.
Part of Amazon’s security strategy for AWS was to keep the location of its data centers under wraps. However, in 2018 WikiLeaks published the location of AWS data centers across the globe, potentially undermining that aspect of the physical security of the firm’s data centers.
Physically concentrating data center activity significantly reduces the chances of a data breach effected by an unauthorized person gaining access to a data center site compared with every little startup company housing data on servers in its basement and backups on hard drives upstairs. Coupled with ever-improving software level security that connects clouds to companies’ own IT infrastructures and to their customers, highly secure concentrated cloud data centers offer an unmistakable improvement over the old on-site data center paradigm.
IT Infrastructure: The Data Layer Explained
At the heart of the AWS operation as well as Amazon’s IT infrastructure security strategy is the data layer, the place where customers’ data is actually held. To protect this, Amazon employs a host of security features that interestingly focus more on data center and machine access than on security technology built into the hardware of the servers themselves.
To ensure security in these facilities, physical access is key. Every entrance to server rooms is guarded by electronic control devices that require multi-factor authentication, and facilities are equipped with a high level of automation that can detect, for example, when a door is being held open too long. Amazon also employs networks of security cameras that capture and retain video footage of the entire facility. All of this requires a high level of security feature integration with the building itself, and Amazon is switching from a model of leasing buildings to developing new construction, in part in an effort to better control facilities with integrated security features.
While the software aspects of security are getting the most scrutiny, it’s worth bearing in mind that the cloud computing revolution has not eliminated the need for physical computers to be located somewhere. Cloud services firms like Amazon and Microsoft make it a goal to make cloud computing seem like magic to their customers, but as cloud capacity and services continue to expand, the demand for physical security and the cabling, components, and other IT infrastructure that comes with it will follow. The physical aspects of data center security in the cloud era are clear: fewer, but larger and much higher-stakes facilities demand the best on-site security. This entails integrating advanced sensor components like machine vision-enabled cameras and access control devices, as well as unimpeachably secure networking hardware.
Neil Shurtz is a freelance writer based in Seattle. Shurtz’s areas of interest include sensor and telecom components, autonomous vehicles, and connected infrastructure.
Like this article? Check out our other New Technology, data center, and cloud computing articles, our 2019 Article Archive, and our Datacom/Telecom Market Page.
Latest posts by Neil Shurtz (see all)
- Cloud Computing Security: Let’s Get Physical - August 20, 2019
- The Brain-Machine Interface: Envisioning a Future With Neural Connectors - July 30, 2019
- Cloud Computing, IT Infrastructure, and the Need for Greater Security - June 25, 2019