Tuesday, April 10, 2007

Security Considerations for Data Centres

Communications in data centres today are most often based on networks running the IP protocol suite. Data centres contain a set of routers and switches that transport traffic between the servers and to the outside world. Redundancy is sometimes provided by getting the network connections from multiple vendors.
So, what are the other considerations we need to take in count when designing data centre?

Network Security
Most people take it for granted, but network security plays important role in securing our data. Every package, encrypted or not, traverse the network and affected from network state.
Usually, data centres must have crypo-capable routers and switches with comprehensive ACL rules, firewalls whom are capable to deal with different protocols required by your business (like VOIP, VPN) and perform application data inspection, role based access control to managing the network and other security features (such as anti-virus, anti-span, etc.).

Business Compartmentalization
Since business information stored on servers is the core of business, we need to make sure that this information is not accessible to third party. It is considered a good practice to separate each enterprise to a separate VLAN and, if possible, to separate each business application to different compartment. This way, virus outbreak or DoS attack that affects one compartment, will no influence the business information flow in the other.

Administrative Traffic
Sniffing administrative traffic can be very helpful when you are trying to break into “digital fortress”. This traffic may contain access password, IP addresses, configurations, etc. Data centres need to make sure that this information is inaccessible and doesn't mixed up with production data. To do so, create separate VLAN segment for administrative traffic and make sure that this traffic is encrypted. In this case, separate network segment not only increase security, as intruder will have to break through another layer of defence, but also improve performance of production segment.

Logging and Monitoring
High-quality event logging and monitoring is the lifeblood of incident response operations. Many organizations have implemented pretty good event logging at the network and operating system level, but very rarely at the application level. To the incident response analyst, each layer of logging brings its own perspective on a security event. And a full complement of those perspectives is necessary to really understand what took place at the
For example, when trying to forensically determine how a site was compromised, the network logs show the date, time, protocol, source, etc., of the attack. The operating system logs show what the intruder did and accessed on the host's operating system. The application logs provide insight into what data the intruder accessed, modified, deleted, etc., within the compromised application. Without that ''big picture'' view, it is exceedingly difficult to provide company executives with an accurate damage assessment so they can make the appropriate business decisions on how to proceed.

Regulations Compliance
Sometimes it is very important that your data centre provide complies with different regulations and standards as it may affect your organization's compliance. There are different regulations such as BS7799 / ISO17799 Information Security Management, Basel II and the Basel Capital Accord, and the Sarbanes-Oxley Act 2002, which provide guidance for investment institutions and ISO14000 Environmental Management System.

DRP (Disaster Recovery Plan)
Not only DRA is compulsory compliance (such as Sarbanes-Oxley and HIPAA), it is essential to business continuity. Disaster recovery plane gives you the ability to respond to an interruption in services by implementing a plan to restore an organization's critical business functions, and since the core of business is the data stored in our data centers. Is is important to design, implement, test and update DRP to ensure regulation compliance, and more important, continuity of the business.

And, Physical Security
Some will argue that physical security has nothing to do with information security. I don't believe so. Since the core values of information security are confidentiality, integrity and availability of the data we are trying to protect, and they are affected from physical factors, we have to take them in count when protecting our data.


Data centre have to be located as far as possible from flooded locations and ensure humidity between 35-85%. Water, or humidity can damage our servers, therefore integrity of our data and availability of business services.
Too much humidity and water may begin to condense on internal components; too little and static electricity may damage components.

Data centrers must have elaborated fire prevention and fire extinguishing systems. The best practice is to have zoned fire prevention and detection systems and high-quality fire-doors and other physical fire-breaks. In case a fire does break out it can be contained and extinguished within a small part of the facility. Fire detection systems must consist of a very sensible heat sensors, which should detect even the smallest heat rise or spark in order to deal with the situation before full scale fire incident.

Backup power must be catered for via one or more uninterrupted power supplies and/or diesel generators. To prevent single points of failure, all elements of the electrical systems, including backup system, have to be fully duplicated, and critical servers connected to both the "A-side" and "B-side" power feeds.

Access Control
Perhaps the most important factor is data centre security is access control. If server can be damaged, the data will not be available. Another scenario, if data is encrypted but the server is stolen, not only our data is not available, which can damage business, it also can be take to external location where sensitive information can be decrypted.
Physical access to the site must be restricted to allowed personal only. Organisation must consider using access cards (with smart chip), biometric systems and double door with separate access tokens. In many cases, surveillance cameras and guards are used to increase the security.

Published under Comsec Consulting UK

Thursday, April 5, 2007

Five Most Important Security Considerations for VoIP

It is understandable why so many organizations are moving to a Voice over IP infrastructure. VoIP is one of the fastest growing technologies in telecommunications today, thanks to its low cost and great flexibility. However, due to VoIP's special security vulnerabilities, the assimilation of VoIP systems in enterprises involves major security risks, and requires deep organizational thought and examinations regarding the ideal VoIP architecture. Enterprises are under the mistaken assumption that existing network architecture can still be used “as is” following the addition of a VoIP infrastructure. However, this addition can damage the quality of service in the enterprise. Moreover, this can also cause financial damage and damage to the organization's reputation.
Enterprises that decide that they wish to change their voice communication infrastructure into VoIP face a great challenge. This change requires principal thoughts and raises essential questions regarding issues that affect the architecture of the network and the interface between VoIP and the data network.
The following section will outline the risks that financial organizations have to consider when implementing a VoIP infrastructure:

Risk to Existing Data Network
The deployment of some VoIP systems can damage an enterprise's information security layout including the quality of services provided by these systems. As VoIP services run on the organization’s existing platforms, they are exposed to the same information security breaches. Networks that are not secured enough can damage VoIP and other environments in the enterprise, thus they must be designed and secured in the most appropriate way. Since a financial organisation relays on the existing data network for business critical applications, e-Banking infrastructure and transactions, damaging it could lead to a huge financial loses as well as lost of trust.

Opening VoIP to the Internet
Privacy and security regulations dictate that financial institutions are ultimately responsible for the privacy of their client/partners. Opening VoIP components to external communication besides the inter-organizational communications increases the exposure of the internal network to security risks. In addition to that, VoIP applications are exposed to data stealing, eavesdropping, impersonation and denial of service; vulnerabilities which can affect the data network if not configured correctly. The leakage of unpublished financial reports or client’s confidential information can damage organization’s reputation as well as lead to financial loses. Organizations need to ensure that VoIP deployment does not minimize enterprise's information security or quality of services and examine the risks to its information.

Data Stealing and Eavesdropping
Similarly to other data, VoIP is exposed to attacks and attempts to make use of software breaches. VoIP eavesdropping attempts are even more easily executed than PSTN calls. Organizations need to inspect the access control list and policy enforcement; will make sure that the machinery is configured in such a fashion that only permitted individuals can use VoIP and implement a maximal secured network with context to VoIP oriented attacks. All of these can contribute to making the financial institution's infrastructure more secure from external and internal threats.

Assuring Business Continuity
Availability of e-Banking applications, financial databases and other business IT assets is critical to financial organisation. A single power outage can cause financial and image damages to the enterprise and its services due to the lack of ability to use VoIP. Organizations will have to evaluate the options, costs and efficiency in business continuity in case of a power outage that prevents the ability to use VoIP. Also, organizations will have to examine and evaluate various business continuity plans to overcome this obstacle.

Endpoint Security Issues
Integration of some types of endpoints into VoIP systems can damage the security level of the network. VoIP systems use a wide variety of forms for communication, ranging from the traditional telephone handsets to conferencing units, mobile units and soft-phones. However, malicious codes and other various vulnerabilities are very common on PCs connected to the Internet, and must be checked in the integrative network to ensure its security. The organization will have to check the quality of Wi-Fi protection and soft-phones, if used.

Financial enterprises will have to ensure the optimal security before, during and after VoIP deployment in the enterprise. Inadequate security may cause financial damage and damage to the organization's reputation.

Published under Comsec Consulting UK