Cybersecurity Best Practices: Managing and Preventing Security Threats in Data Centers

The best way to address security threats is to have a robust strategic vision that covers the various vectors of attack.  These can be broken down into some key areas:

·  Encryption 

· Ensure that SSL (secure-socket-layer) is used for all communications both internal and external.  This is a key to protecting web traffic that can include easy to read passwords and user account details.  It is simple for non-encrypted to be traced, especially systems that have an internet (i.e. external) facing web interface.

· Ensure that drives are encrypted ‘at rest’.  Encrypting drives can have a performance impact, but especially for business critical systems and data, it is best to make sure the data on hard drives is encrypted.

·  Firewalls

·  Firewalls should be used to limit server connectivity to known ports.

· Whitelists can be further implemented to prevent traffic only to known IP addresses and CIDR ranges.

· Intrusion Detection Systems

· Advanced systems are now available that can scan for know attack vectors and addresses.  These systems search for malicious actors and their attacks and can serve as a first layer of defense for data centers and their underlying systems. 

· Multi-Factor Authentication

·  Leverage advanced authentication methods that require something beyond just a password for authentication.  This is especially critical for VPNs where access is granted to an entire network or data center.  A further step would also be to leverage biometrics where possible, but this technology is still developing and may not be a good fit for all applications.

Implementing a strategy around the above areas will help most companies stave off cyber-attacks and keep their data centers (and more importantly their data) safe from bad actors. 

We here at iArch Solutions are happy to help with your cyber security or other system’s needs, so please reach out if we can help.