Cloud technology has changed the way we use computers, moving our software and data to the cloud instead of installed on our own devices. We worry less about our files knowing they are stored safely in a data center, encrypted and secure, spread across multiple drives for redundancy.
But what about the data centers themselves? Many people are concerned about privacy ever since Edward Snowden lifted the veil on NSA spying, let alone the threat of cybercrime, so how are cloud services protecting your data?
To answer that question, lets first take a look at what data centers are. You probably imagine a room full of computers and though thats not incorrect, its likely a little different than you might imagine.
Thats one of Googles many data centers. The company is very transparent when it comes to their data centers, revealing as much as they can without compromising security. They have such centers across the world to both ensure redundancy in the case of an outage and also to provide reliable connections to users irrespective of geographical location.
A data center is a centralized location for IT infrastructure, whether privately owned, for a companys internal IT needs, or whether it provides public services and infrastructure, such as Amazons Web Services. As you can imagine, centralizing all this equipment is risky without the proper precautions.
Data centers typically require at least the following to keep data safe:
Environmental controls: these are necessary to keep equipment cool, since a room full of high-powered technology generates an incredible amount of heat. Excess heat can lead to equipment failures and shorten the lifespan of server components.
Uninterruptible Power Supplies (UPS): in the event of a power outage, servers and other equipment must keep running to meet the data centers SLA, or service-level agreement. UPS units and backup generators can keep servers running until power is restored.
Security systems: to ensure the security and privacy of customers, data centers employ a wide range of security measures to prevent unauthorized access, including biometric access measures, locked server cages, surveillance systems, multiple forms of identification and some go so far as using mantraps a small room that connects an unsecured area to the secure data center.
Though those first two are worthy of their own respective articles, let us focus on security for now.
Though compiling a full list is practically impossible, these are the most common security measures you can find in any given secure data center.
One of the first lines of defense in any security plan is adequate surveillance. For starters, cameras installed around the perimeter of a data center are used to watch for suspicious activity. Inside, video surveillance acts as a record in the event of a security incident, while metal detectors ensure that hardware is not snuck into or out of the facility.
Most data centers will employ security guards inside the facility, but some such as Google and Apple have security guards that routinely patrol both the interior and exterior of their facilities.
Though it is unlikely that anyone will try and take a data center by storm, some companies arm their guards, further securing the premises.
Data centers are typically one of two styles depending on function and the needed security: single-purpose, or multipurpose. Multipurpose data centers are less secure, as they have other employees on site besides those responsible for the data center itself. They may contain adjacent offices for the business and arent usually used for sensitive data or infrastructure.
Secure data centers are built strictly for the purpose of housing IT infrastructure and are designed accordingly. Typically they are removed from the road, keeping a buffer zone around the site, including crash-proof barriers and security patrols.
Most do not have exterior windows and if they do they are typically made of bulletproof glass. Fire exits open strictly to the outside and there are a limited number of entry points, usually a front entrance and a loading area.
The interior is designed to separate the main data center area from any other rooms, such as a break room, entrance lobby or restrooms. Security increases the closer you get to the heart of the data center, requiring multiple forms of identification or access control.
Only authorized personnel should be allowed in these secured areas, where the servers, routers and other equipment live. To prevent unauthorized individuals from waltzing in and out with customer data or installing malicious hardware, data centers employ a wide array of access controls throughout a data center.
Google, for example, uses custom-designed electronic access cards and the closer you get to the data center floor the more sophisticated the authorization protocols get. The heart of the data center is only accessible via a security corridor that uses multifactor access control with badges and biometrics, with less than one percent of Google employees ever stepping foot inside the data center.
Mantraps are often employed to limit access to authorized individuals and prevent an criminals from tailgating, the practice of following someone closely to gain unauthorized entry to a secure area. Typically, a mantrap is a set of two doors with an airlock in the middle.
Both doors of a mantrap require authentication, such as a biometric lock or keycard, and only one door can open at a time. The area is kept under surveillance so that guards can identify any issues or stop someone from proceeding further.
Scales are used to measure visitors, and are sensitive enough to weigh someone and determine if someone leaving is heavier than they were upon entering, indicating they might be sneaking out stolen hardware. If the scale detects a difference, the door refuses to open and requires a security guard to bypass the locking mechanism.
For sensitive servers and equipment, separate rooms and cages or cabinets are used to segregate sensitive equipment from non-sensitive servers. Companies such as Iron Mountain allow customers to request CCTV cameras in the cage as well as custom fencing materials and other features, if needed.
This is just a few of the many countermeasures employed by data centers. Google goes so far as to build their own custom servers from the ground up, removing unnecessary hardware or features to reduce the attack surface. No one else has the servers that Google uses.
Other data centers may employ similar custom solutions, and dont disclose other security systems or countermeasures they employ to reduce the possibility of compromise. Security is, after all, serious business.
Hacking, malware and spyware are the obvious threats to your data, but few people stop to think of the physical aspect of IT security. Data centers take security to a whole new level. They are costly businesses to run and their entire purpose is to keep IT infrastructure up and running 24/7, secured from any and all possible threats.
Sign up for our newsletter to get the latest on new releases and more.
Now that you know the measures companies take to protect their servers, you can worry a little less about storing data in the cloud. The biggest weak spot in cloud computing is user errors, so take some time to learn how to create a strong password and learn how to encrypt your data, including texts and emails.
Thank you for reading and please let us know your thoughts in the comments below.
- Brinkster Cloud Servers - VMware, SolidFire SSD-Based ... - June 2nd, 2018
- Virtual Network Virtual Private Cloud | Microsoft Azure - March 29th, 2018
- Keeping Your Files Safe in Google's Cloud - New York Times - September 7th, 2017
- 5 Reasons SD-WAN, 4G LTE Are Cloud Essentials - No Jitter - September 7th, 2017
- Canon USA Advances PRISMAsync Color Print Server in Version 5.2, Offering Cloud-Based PRISMAlytics Dashboard ... - PR Newswire (press release) - September 7th, 2017
- HPE Reports Q3 Gains Along With Cloud Deal - EnterpriseTech - September 6th, 2017
- Huawei Releases the New-Generation Intelligent Cloud Hardware Platform Atlas - Markets Insider - September 6th, 2017
- Unlocking the promise of a connected world through edge cloud ... - ITProPortal - September 5th, 2017
- Want to do IoT right? You'll need more storage, networking, servers, and cloud - TechRepublic - September 5th, 2017
- So you're already in the cloud but need to come back down to Earth - The Register - September 5th, 2017
- Nasa: Our demands for repeat presidential election - Daily Nation - September 5th, 2017
- Chinese smartphone maker Xiaomi open to moving servers to India - Economic Times - September 5th, 2017
- VMware officially lands on AWS cloud with new management and security features - SiliconANGLE News (blog) - September 2nd, 2017
- VMware-on-AWS is live, and Virtzilla is now a proper SaaS player - The Register - September 2nd, 2017
- Socionext Partners with Advantech to Offer High-Density, Low-Cost ... - Design and Reuse (press release) - September 2nd, 2017
- Municipal adoption of the cloud - American City & County (blog) - August 31st, 2017
- Veeam follows Virtzilla's cloud up the Amazon - The Register - August 31st, 2017
- Where does a business's data live? - Information Age - August 31st, 2017
- IBM cooks up a hardware architecture for tastier cloud-based services - TechTarget - August 31st, 2017
- Tachyum bets on flash storage to re-architect the cloud data center - ZDNet - August 29th, 2017
- Juniper adding microsegmentation to Contrail cloud - TechTarget - August 29th, 2017
- The future of serverless cloud looks a lot like physical servers - TechRepublic - August 29th, 2017
- Demand for server specialists increases, but talent pool is small - Network World - August 29th, 2017
- The pros and cons of cloud vs in house servers - Edmonton - August 28th, 2017
- You Can Now Spin Up VMware Servers in Amazon Data Centers - Data Center Knowledge - August 28th, 2017
- Windows Server 2016 changes prompt a new look at management - TechTarget - August 28th, 2017
- Cloud security market to reach $12B by 2024, driven by rise of cyber attacks - TechRepublic - August 28th, 2017
- Jeff Pulver, Internet Pioneer of VoIP and Entrepreneur Joins ... - Markets Insider - August 28th, 2017
- Google Aims to Boost Cloud Security with Titan Chipset - BizTech Magazine - August 28th, 2017
- Oppo and Vivo plan to move cloud storage to India, following India's new directives on data security - Firstpost - August 28th, 2017
- Digital Deluge on the Cloud - Valley News - August 27th, 2017
- How Can You Improve Document Management By Integrating Cloud-Based File Sharing And What You Need To Know ... - Business 2 Community - August 27th, 2017
- Hitachi rack servers get VMware Cloud treatment The Register - The Register - August 26th, 2017
- CenturyLink enhances VMware-based DCC platform, touts software-defined data center approach - FierceTelecom - August 26th, 2017
- Biz sends apps to public cloud, waves 'bye to on-premises server ... - The Register - August 23rd, 2017
- Druva Raises Another $80 Million - Channel Partners - August 23rd, 2017
- CrashPlan alternatives: How to move to another home backup solution - Macworld - August 23rd, 2017
- VMware shares to surge more than 20% because the Amazon cloud threat is overblown: Analyst - Yahoo Finance - August 23rd, 2017
- AMD Lines Up New China Datacenter Partners - EnterpriseTech - August 23rd, 2017
- How do you bring artificial intelligence from the cloud to the edge? - TNW - August 21st, 2017
- The rice of cloud, avocado of virtualization and salmon of doubt: Let's eat storage sushi - The Register - August 21st, 2017
- 70% of firms face skill shortages for server-based roles - Cloud Pro - August 21st, 2017
- Qualcomm moved its Snapdragon designers to its ARM server chip. We peek at the results - The Register - August 21st, 2017
- Info on 1.8 million Chicago voters exposed on Amazon server - USA TODAY - August 21st, 2017
- Microsoft and Google Give Startups Options to Amazon's Cloud - Fortune - August 18th, 2017
- Cloud is the ignored dimension of security: Cisco - ZDNet - August 18th, 2017
- How AIG moved commercial claims to the cloud - Information Management - August 18th, 2017
- Oracle expands database offering to its cloud services - Network World - August 16th, 2017
- Voices Cloud security from all angles - Accounting Today - August 16th, 2017
- HostHatch launches new Cloud Servers - 5x faster than the giants, including AWS & DigitalOcean - PR Web (press release) - August 15th, 2017
- Oracle Exadata Cloud lands on bare-metal servers - Computer Business Review - August 15th, 2017
- School phones go on 'the cloud' - The Ridgefield Press - August 15th, 2017
- Datrium Announces Split Provisioning For Simple Private Cloud Consolidation At Rackscale - Markets Insider - August 15th, 2017
- New McAfee virtual network security platform offered as part of free test drive on Amazon Web Services - CTR - August 14th, 2017
- How to move into a cloud career from traditional IT - InfoWorld - August 14th, 2017
- Oracle Makes the Most Powerful Database Platform Available on the Industry's Most Advanced Cloud Infrastructure - PR Newswire (press release) - August 14th, 2017
- Frank Dinucci's Cloud Accounting Workshop Draws Many ... - Markets Insider - August 13th, 2017
- Frank Dinucci's Cloud Accounting Workshop Draws Many Entrepreneurs - PR Newswire (press release) - August 12th, 2017
- Cryptocurrencies have pulled one of Nvidia's most sluggish businesses out of the gutter - Quartz - August 11th, 2017
- GoDaddy tops Q2 targets, revenue up 22 percent - ZDNet - August 9th, 2017
- Hardware Can Still Make or Break the Cloud - IT Business Edge (blog) - August 9th, 2017
- Serverless Architectures from an MSP's Point of View - MSPmentor - August 4th, 2017
- Unisecure Data Centers Offers 15% Discount On Cloud Server Hosting Services - HostReview.com (press release) - August 2nd, 2017
- How The Cloud Will Disrupt The Ad Tech Stack - AdExchanger - August 2nd, 2017
- Packet launches edge compute service in 15 global locations - RCR Wireless News - August 2nd, 2017
- IBM adds Optane to its cloud, only as storage and without GPUs - The Register - August 2nd, 2017
- Joining Apple, Amazon's China Cloud Service Bows to Censors - New York Times - August 1st, 2017
- Cisco Launches New UCS Servers, Hybrid Cloud Management ... - SDxCentral - July 12th, 2017
- Verizon data of 6 million users leaked online - CNNMoney - July 12th, 2017
- Server vendors board the Xeon SP party bus - The Register - July 12th, 2017
- New Azure servers to pack Intel FPGAs as Microsoft ARM-lessly embraces Xeon - The Register - July 12th, 2017
- Hybrid cloud and blockchain solutions will be the future for data backup - Information Age - July 10th, 2017
- New 'Microsoft 365' package bundles Windows and Office for businesses - GeekWire - July 10th, 2017
- Tech Data Tightens Cloud Integration With Microsoft To Unlock Simpler Experience For SMBs - CRN - July 10th, 2017
- 6502 Retrocomputing Goes to the Cloud - Hackaday - July 8th, 2017
- Retail apocalypse may jump start suburban renewal - Lexington Herald Leader - July 8th, 2017
- Evaluating AMD's Server Market Potential - Seeking Alpha - July 7th, 2017
- Cubic Subsidiary Gets NSA Clearance for Cloud Servers With Aruba Virtual Mobility Controller - ExecutiveBiz (blog) - July 7th, 2017
- As cyberattack hit, Ukrainians turned to Facebook and Google - Houston Chronicle - July 6th, 2017
- Baidu Deploys Xilinx FPGAs in New Public Cloud Acceleration ... - Design and Reuse (press release) - July 6th, 2017