The modern world is all about data. People, businesses, organisations and even governments now largely exist as a collection of digital records in cyberspace – from our personal details and finances, to our photos and social lives, or businesses, and the infrastructure for ecommerce… all exist as binary code stored in, and transmitted between data centres across the world.
This makes facilities like data centres incredibly valuable and incredibly vulnerable.
Most people aren’t aware of data centres, but they are everywhere. However, because of their value and vulnerability their locations are naturally not publicised. To give some idea of how many data centres there are; back in 2013 it was estimated that around 10% of the world’s total electricity use was used to operate data centres.
There are a range of strict rules governing data centres and their operation that have been put in place to ensure that the data stored is safe. For example, every data centre must have a back-up data centre that cannot be located within a certain distance. This is to ensure that something like a nuclear strike, flood or earthquake could only take out one of the data centres, not both. Plus there is an entire industry dedicated to online security and efficiency working to protect data centres and the data stored and transferred.
As the recent Sony cyberattack graphically illustrated, the potential effects of cybercrime are huge. It also illustrated that even the largest of institutions can fall short in their online security stance. Sony learned a hard lesson and the rest of the business world will have taken notice.
However, while there is a huge industry dedicated to defending and tackling online cybercrime, and while businesses are becoming more conscientious about cyber defence, there is a growing real world physical vulnerability that is becoming increasingly apparent. It is all well and good that so much resource is being put into online security and defence, but what about physical defence of data centres and other sensitive locations?
Criminals and terrorists are becoming increasingly sophisticated in their tactics, and physical attacks have become less random and are highly targeted for maximum effect. A physical attack on a data centre or series of data centres would cause at least the same disruption as an online attack. So hoping that keeping a low profile and not being noticed is not a sensible approach to physical security. Data centre operators need to ensure their facilities are at least as well protected in the real world as they are in cyberspace.
As published in PFM Magazine www.pfmonthenet.net/