This piece was originally published in the July 2016 issue of electroindustry.
Pat Walsh, Editor in Chief, NEMA
Data centers scream security. Central to their operations is redundancy, redundancy, redundancy.
On a daily basis, recreational hackers and cyber criminals alike wreak havoc on data that define our identities, lifestyles, livelihoods, and even our lives. Data breaches are commonplace today, and their impacts have grown in size and effect.
Experts recommend that the physical security of the perimeter, segregation of loading and storage areas, and restricted employee access are foremost. Google, for example, cites that less than one percent of its entire data center workforce even step foot in a center.
Inside, improving security starts with the data center’s supply chain. By implementing the guidelines in NEMA CPSP 1-2015 Supply Chain Best Practices during product development, manufacturers can minimize the possibility that bugs, malware, viruses, or other exploits can negatively affect product operation. CPSP 1 addresses U.S. supply-chain integrity throughout the four phases of a product’s lifecycle:
- Manufacturing: An analysis during manufacturing and assembly can detect and eliminate anomalies in the embedded components of the product’s supply chain.
- Delivery: Tamper-proofing ensures that the configurations of the manufactured devices have not been altered between the production line and the operating environment.
- Operation: A device can be manufactured in a way that enables asset owners to comply with security requirements and necessities of the regulated environment.
- End of life: Decommissioning and revocation processes may prevent compromised or obsolete devices from being used as a means to penetrate active security networks
How does your data center fare? Check in with the Cyber Risk Management Portal and its portfolio of state-of-the-art enterprise assessment and network-mapping tools.
Sponsored by the National Institute of Standards and Technology and developed by the University of Maryland in consultation with industry leaders, this highly secure community portal will enable your organization to anonymously benchmark itself against the very latest IT and supply-chain risk-management standards and practices.