The Tesco Bank cyber-attack and data centres by Ark Data Centres, 22nd November 2016
The data breach which saw some 20,000 Tesco Bank accounts exposed once again shone a light on cybercrime and the need for constant developments in security.
The bank acted quickly to pay back plundered funds, and top-level investigations are underway to identify from whom and where the attack originated.
Around 40,000 Tesco Bank current accounts in total saw suspicious activity over one weekend, with a reported £20 million spirited away in a “systematic, sophisticated attack.”
While the Tesco hack is a data breach and not a physical data centre attack, it nevertheless does prompt discussion on overall security.
Physical attacks on data centres are not as common or as headline-grabbing to the media as cyber attacks.
But when executed, they can match cyber hacks for sheer disruption and can significantly damage business continuity.
Data centres are of course critical to the entire operation of a business or organisation.
One of the most infamous physical breaches to have taken place on UK soil was a 2011 attack on Vodafone’s data centre in Basingstoke. Equipment was stolen by a gang who broke in; systems went down and reputation suffered greatly.
This example is as good as any when answering the question as to why a data centre needs to be secure.
Removing or damaging servers is as destructive as a state-sponsored cyberattack or mass hack of personal information.
In 2013, the Cabinet Office issued guidelines under its HMG Security Policy Framework, which underlined that building security across the board starts with the data centre.
It stated: “The ‘defence in depth’ or ‘layered’ approach to security starts with the protection of the asset itself (e.g. creation, access and storage), then proceeds progressively outwards to include the building, estate and perimeter of the establishment.”
The old style of data centre – often a converted warehouse in a built-up area – is arguably more vulnerable to a physical attack than somewhere purpose-built and on its own land.
The very location is an issue, as well as the fact that it has been converted to serve a purpose rather than designed for it.
A multi-layer, uncompromising approach to security is vital.
The data centre which can be accessed through a simple gate on an industrial estate would hardly inspire confidence in a provider, let alone a corporate or public body looking for a safe home for its servers.
Whilst the data centre industry has been questioned on physical security above that of cyber in the past – including in this Computer Weekly article – the truth is neither can be placed above the other.
It goes without saying that land around the data centre should be as secure as can be – the Fort Knox analogy can be used because, in truth, the equipment, what it contains and how it allows a business to function make it as precious as gold.
But security should continue inside, with high-tech security systems governing movement as robustly as possible, procedures in place and general awareness among staff being the best it can be.
Security also includes the prevention of accidents. Data centres in the US in particular have been known to be taken out of action by trucks taking out power lines. This is about including logistics plans within security measures.
Of course, some situations cannot be legislated for. Yahoo revealed it once saw half a data centre in Santa Clara taken out by squirrels, presumably by the rodents causing damage to power lines.
But the crux of the matter is this: while cyberattacks are on the increase, physical data centre security cannot be left to chance. Doing so could leave an entire business at risk.
Prevention planning starts with the choice of data centre – and where it is located.