By Martin Walshaw, senior engineer at F5 Networks
Government hacking of sensitive data has become the norm. This time it’s allegations that Chinese authorities hacked the Office of Personnel Management network, accessing information belonging to millions of US federal employees in what has to be seen as an act of cyber espionage.
It is thought that the hackers gained access to “all personnel data for every federal employee, every federal retiree, and up to one million former federal employees”, including social security numbers.
And of course, revelations about government snooping detailed in secret documents leaked by Edward Snowden continue to emerge. The Snowden documents revealed huge, widespread government surveillance of innocent civilians, targeting phone calls, emails, text messages – basically all forms of electronic communications.
Closer to home, some African governments have been implicated in the purchase of tools to spy on journalists and other countries.
Stories like these, and the countless other hacking/data breach headlines, can really make us ordinary people feel like there’s no freedom or democracy online; that we are not free to say or do whatever we want because someone, somewhere is monitoring.
There is a fear that no online service is secure, that every data centre is compromised, and that users are not free to choose who can see their data online. This can have far-reaching implications for service providers.
But it doesn’t have to be this way. There are things that service providers can do to maintain data centre security and mitigate many of the fears surrounding hacking, government snooping, distributed denial of service (DDoS) attacks and so on. Doing so, of course, involves a multi-layered approach to data centre security; one that covers applications, devices, users, access and identity, and so much more.
These days, mobile computing – smartphones, tablets, laptops, etc – has taken IT and, therefore, security requirements away from the traditional perimeter. What’s important to a business and what needs protecting are no longer contained within a data centre, and so the threats have moved as well; data centre security has to reflect that.
Rigorous identity and access management ensures that only the right people can access the right data. It can also govern which devices are allowed to access networks and applications and which locations they can be accessed from. An identity and access management platform also offers access monitoring and verification so IT can know who has accessed what, for how long and what they did there – all vital features for ensuring only the correct people access certain data and applications.
Similarly, with something like a global access policy manager, a business can control access based on physical location, IP address and the device being used. If whoever is trying to access the network doesn’t meet the policy requirements, they are not allowed access.
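As an illustration of the kind of access policy described above, here is a deny-by-default check written for this article as an added example; it is not code from F5 or any product. The policy values, field names and sample requests are constructed, and the country is assumed to be resolved upstream (for example by a GeoIP lookup).

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    user: str
    source_ip: str
    country: str    # assumed to be resolved upstream (e.g. GeoIP)
    device_id: str
    resource: str

# Constructed policy: RFC 5737 documentation range, sample country and device IDs.
POLICY = {
    "networks": [ipaddress.ip_network("192.0.2.0/24")],
    "countries": {"ZA"},
    "devices": {"LAPTOP-0042"},
}

def evaluate(req, policy=POLICY):
    """Deny by default; run every check so the audit record lists all failures."""
    reasons = []
    try:
        addr = ipaddress.ip_address(req.source_ip)
        if not any(addr in net for net in policy["networks"]):
            reasons.append("ip_not_allowed")
    except ValueError:
        reasons.append("ip_unparseable")  # malformed input is a denial, not a crash
    if req.country not in policy["countries"]:
        reasons.append("location_not_allowed")
    if req.device_id not in policy["devices"]:
        reasons.append("device_not_registered")
    # The returned record doubles as the audit entry: who, what, from where, and why.
    return {
        "user": req.user, "resource": req.resource, "source_ip": req.source_ip,
        "device_id": req.device_id, "allowed": not reasons, "reasons": reasons,
    }

if __name__ == "__main__":
    # Constructed sample requests
    for r in (
        Request("thandi", "192.0.2.15", "ZA", "LAPTOP-0042", "/hr/payroll"),
        Request("thandi", "203.0.113.9", "ZA", "PHONE-UNKNOWN", "/hr/payroll"),
        Request("thandi", "not-an-ip", "US", "LAPTOP-0042", "/hr/payroll"),
    ):
        print(evaluate(r))
```

Recording every failed requirement, rather than stopping at the first, gives the monitoring side the full picture of why a request was refused.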
DDoS attacks are another method cyber criminals are employing to attack their victims. Having systems in place that can identify and stop malicious actions, while still prioritising legitimate traffic, should help mitigate DDoS attacks and keep systems and applications running. Also consider intelligent traffic management as a way of ensuring that the right traffic will always get through so legitimate requests to access data or applications will be fulfilled, while malicious traffic will be stopped.
Many of the requirements can be wrapped up inside an application delivery firewall and an intrusion prevention system (IPS), but a unified approach is the best way to ensure full data centre protection.
Having a multi-layered approach to data centre security will give your business the best chance of stopping attacks and preventing unauthorised access while ensuring that genuine workers can still access and use the applications they want, when they want. This is true online democracy without the worry.