Protect the Data That Protects Us

Protect the Data That Protects Us

This piece was originally published in the July 2016 issue of electroindustry.

Pat Walsh, Editor in Chief, NEMA

F1_Datacenter_ACC7 Exterior
This may look like a typical commercial building, but it is actually a state-of-the-art data center that is loaded with numerous NEMA products, including high-efficiency transformers, advanced lighting and controls, switchgear, energy storage, high efficiency motors, wire and cable, conduits, and a host of other electrical products. Photo courtesy of DuPont Fabros Technology

Data centers scream security. Central to their operations is redundancy, redundancy, redundancy.

On a daily basis, recreational hackers and cyber criminals alike wreak havoc on data that define our identities, lifestyles, livelihoods, and even our lives. Data breaches are commonplace today, and their impacts have grown in size and effect.

Experts recommend that the physical security of the perimeter, segregation of loading and storage areas, and restricted employee access are foremost. Google, for example, cites that less than one percent of its entire data center workforce even step foot in a center.

Inside, improving security starts with the data center’s supply chain. By implementing the guidelines in NEMA CPSP 1-2015 Supply Chain Best Practices during product development, manufacturers can minimize the possibility that bugs, malware, viruses, or other exploits can negatively affect product operation. CPSP 1 addresses U.S. supply-chain integrity throughout the four phases of a product’s lifecycle:

  • Manufacturing: An analysis during manufacturing and assembly can detect and eliminate anomalies in the embedded components of the product’s supply chain.
  • Delivery: Tamper-proofing ensures that the configurations of the manufactured devices have not been altered between the production line and the operating environment.
  • Operation: A device can be manufactured in a way that enables asset owners to comply with security requirements and necessities of the regulated environment.
  • End of life: Decommissioning and revocation processes may prevent compromised or obsolete devices from being used as a means to penetrate active security networks

How does your data center fare? Check in with the Cyber Risk Management Portal and its portfolio of state-of-the-art enterprise assessment and network-mapping tools.

Sponsored by the National Institute of Standards and Technology and developed by the University of Maryland in consultation with industry leaders, this highly secure community portal will enable your organization to anonymously benchmark itself against the very latest IT and supply-chain risk-management standards and practices.


Read this month’s issue of electroindustry.

 

Leave a Reply

Your email address will not be published. Required fields are marked *