Security is an important strategy that must be planned and implemented across all infrastructure layers to secure the IT infrastructure and the information stored in both traditional and cloud datacenters. Efficient security methods and processes have to be implemented to prevent unauthorized access to company assets and to maintain the integrity and confidentiality of sensitive information against unknown users.
In the previous posts, we learned the basics and fundamentals of Virtualization and Compute, Network and Storage. In this post we will learn the security fundamentals and the various security technologies and techniques that can be used to secure the compute, network and storage components of a data center.
- Introduction to Security
- Security Considerations and Countermeasures
- Compute Servers (VMs) Security Overview
- Network Security Overview
- Storage Security Overview
- Introduction to Encryption
- Identity and Access (IAM) Security Overview
Introduction to Security
Security is the set of techniques and processes that ensure only authorized personnel are allowed to access the physical and logical assets of an organization, such as servers, storage, network and the data in transit and at rest. As cloud technologies continue to evolve, the need for more stringent security techniques and processes to protect digital information is increasing. Security can be categorized into two different types:
- Information Security – The process of protecting sensitive business data and information from unauthorized personnel.
- IT Security – The techniques used to secure the data that is stored in servers, storage and network.
IT security can be achieved by implementing security best practices and techniques across the compute, storage and network layers of the datacenter. However, information security can be achieved only if proper processes and policies are followed by all the employees of the company. Often, employees ignore the importance of following such security processes and policies, which may result in compromised access to the IT infrastructure as well as compromised access to the sensitive data.
Security Vulnerabilities and Threats
A security vulnerability is often the result of weak architecture design, implementation, operation or internal control of the IT systems. Hackers regularly try to gain access to the sensitive information by targeting these vulnerabilities with the help of automated tools & customized scripts. It is very critical for an organization to understand the attacks that can be made against these vulnerabilities and take adequate measures. The security threats caused by these vulnerabilities can be classified into one of these categories below:
- Phishing – This threat is common in emails and website logins. Attackers try to obtain sensitive information such as user IDs, passwords and bank login details by deceiving users with emails and links disguised as official ones.
- Eavesdropping – It is the process of listening to a conversation between the computers in a network. Eavesdropping is a common threat when sending data over the public internet. It is a threat to information that is sent over an internal network or a public network.
- Spoofing – Spoofing can be of many types, such as email spoofing, IP address spoofing, MAC spoofing and biometric spoofing. Attackers disguise themselves as a valid entity by falsifying data such as a username and password in order to gain access to critical business data.
- Backdoor – A hacker can gain access to the system or information by bypassing the normal authentication process or security controls. This can be done by running an automated script or an algorithm to gain the access. This can happen for various reasons, such as weak authentication processes, employees not following password best practices, or an existing employee adding another user to allow some legitimate access. Regardless of the motives for their existence, these backdoors create a threat to the company’s systems and data.
- Denial of Service – This threat denies or prevents legitimate users from accessing services. Attackers can run automated scripts to overload compute and network capacity, bringing the application down and blocking the users. These attacks can originate from a single source or from multiple sources by using the zombie computers of a botnet.
- Multi-vector or polymorphic Threats – Attackers can combine several types of attacks into a single form of attack to avoid security controls as they spread through the systems to gain access to the sensitive data.
- Privilege escalation – An existing employee with limited access can gain full access to sensitive information by exploiting vulnerabilities and loopholes in the security.
- Social Engineering – It is the process or set of techniques attackers follow to trick and deceive users into disclosing their secrets and login information, such as passwords and secret codes.
- Tampering – Attackers use this technique to alter the true functionality or usage of the system or data by malicious modifications.
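The Denial of Service item above notes that a flood can come from a single source or from many botnet hosts. The following added example (not part of the original post) shows detection logic that tells the two apart in request logs; the log format, window size, thresholds and addresses are all constructed assumptions.

```python
from collections import Counter, defaultdict

WINDOW = 10            # seconds per bucket (assumed value)
RATE_LIMIT = 50        # requests per window treated as overload (assumed value)
DOMINANT_SHARE = 0.8   # one source above this share => single-source flood

def classify_windows(lines, window=WINDOW, rate_limit=RATE_LIMIT):
    """Return {window_start: (verdict, total_requests, distinct_sources)}."""
    buckets = defaultdict(Counter)
    for line in lines:
        parts = line.split()
        if len(parts) < 2 or not parts[0].isdigit():
            continue  # skip malformed lines instead of crashing the detector
        ts, src = int(parts[0]), parts[1]
        buckets[ts - ts % window][src] += 1
    result = {}
    for start in sorted(buckets):
        per_src = buckets[start]
        total = sum(per_src.values())
        if total <= rate_limit:
            verdict = "normal"
        elif per_src.most_common(1)[0][1] / total >= DOMINANT_SHARE:
            verdict = "single-source"
        else:
            verdict = "distributed"
        result[start] = (verdict, total, len(per_src))
    return result

def sample_log():
    """Constructed log lines: '<epoch_seconds> <source_ip> <path>'."""
    lines = []
    # Window 0: ordinary traffic from five clients.
    lines += [f"{i} 192.0.2.{i % 5 + 1} /index" for i in range(10)]
    # Window 10: one client sends 200 requests, another sends one.
    lines += [f"{10 + i % 10} 198.51.100.7 /login" for i in range(200)]
    lines += ["12 192.0.2.1 /index", "garbage line"]
    # Window 20: 100 clients send 3 requests each (botnet-like pattern).
    lines += [f"{20 + k} 203.0.113.{h + 1} /login"
              for h in range(100) for k in range(3)]
    return lines

if __name__ == "__main__":
    for start, (verdict, total, sources) in classify_windows(sample_log()).items():
        print(f"t={start:>3}s requests={total:>3} sources={sources:>3} -> {verdict}")
```

A per-source rate limit alone would flag the second window but not the third, where no single address sends more than three requests; the aggregate count per window is what exposes the distributed case.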