Risk
3/15/2013
11:05 AM
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Next Steps In Data Center Security

Government agencies face a growing number of cyber threats. Here’s what federal IT teams can do to protect their systems, networks and data.

InformationWeek Government March 18, 2013 InformationWeek Green
Download the entire March 2013 issue of InformationWeek Government, distributed in an all-digital format (registration required).


Secure The Data Center When IT security is a focal point of the State of the Union address, as it was in President Obama's February speech, government IT pros had better take notice.

Foreign adversaries are "seeking the ability to sabotage our power grid, our financial institutions and our air traffic control systems," the president warned. "We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy."

Federal government data centers are at the center of this discussion. The systems and databases within those data centers house everything from the personal information of U.S. citizens to law enforcement case records and classified intelligence.

Federal agencies have been shoring up their data center defenses for years, but much more needs to be done. Security experts report not only a growing number of attacks, but also successful breaches. Throwing money at the problem isn't the answer, nor is it an option. The federal IT budget remains flat and sequestration, which went into effect March 1, triggered across-the-board cuts. Federal CIO Steven VanRoekel, in a February interview with InformationWeek Government, warned that sequestration could cause agencies to lose momentum in their efforts to improve cybersecurity. Agency CIOs have to be smart and selective in how they invest their limited resources.

"The problem is much bigger than it was three or four years ago," says Omar Khawaja, head of product marketing for data center operator Verizon Terremark, which provides hosting and cloud services to federal agencies. "You've got more threats, more vulnerabilities and the assets are more critical than ever before."

Shortly after the State of the Union address, Mandiant, a security vendor, released a report that traced a Chinese hacker group, dubbed APT1 and suspected of "economic espionage" against at least 141 companies and government agencies over seven years, to a district in residential Shanghai that's home to a unit of the People's Liberation Army. It was the most detailed in a growing body of evidence that the Chinese military may be involved in probes of U.S. computer systems. The New York Times, Google and Apple all reported security breaches at about the same time.

Federal agencies are targets, too. In February, the Department of Energy revealed that online attackers had penetrated its network and obtained personal information on hundreds of employees and contractors. The department's Joint Cybersecurity Coordination Center and federal law enforcement agencies are investigating the incident. In a memo to employees, DOE recommended that they encrypt all files and emails that contain personal information, including files stored on hard drives or on the shared network.

The Department of Defense, even with its U.S. Cyber Command operations, remains vulnerable as well. The Defense Science Board, a civilian committee that provides scientific and technical advice to the Pentagon, said in a report this month that the DOD isn't prepared to defend against sophisticated international cyber attacks. The report pointed to "inherently insecure architectures," inadequate intelligence and the sheer limits of technology in defending against emerging cyber threats. It encourages the DOD's CIO to work with the military branches to create an enterprise security architecture that includes minimum standards to ensure a "reasonable" level of defensibility and increase the probability that attacks are detected.

Robust data center security starts outside the brick-and-mortar building. Verizon Terremark serves federal customers from a 30-acre complex in northern Virginia that's protected by 12-foot beams, DOD-approved fences, blast-proof walls and motion-sensor cameras. But it's the systems, software and processes inside the data centers used by government agencies -- some owned and operated by contractors, others by the agencies themselves -- that are the urgent focus of federal IT teams.

To read the rest of the article,
download the March 2013 issue of InformationWeek Government.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
JacksonShaw
50%
50%
JacksonShaw,
User Rank: Apprentice
3/21/2013 | 6:52:32 PM
re: Next Steps In Data Center Security
Certainly a proper identity and access management strategy would be useful to the feds too. At the end of the day "brick and mortar" provisioning and de-provisioning are pretty important. In today's age - and especially for the feds - ADAPTIVE authentication and authorization are hugely important. Someone located in Washington DC trying to access a resource should receive a different response from the systems than if they the same person was trying to access that same resource from China (for example). Maybe they need to use their smartcard or one-time-password device or maybe they just aren't allowed. We need to tie all this stuff together.

Jackson Shaw
Dell
John Foley
50%
50%
John Foley,
User Rank: Apprentice
3/18/2013 | 3:51:33 PM
re: Next Steps In Data Center Security
Three key takeaways from this article: 1) More money isn't the answer given the fiscal situation. The feds have to come up with ways to defend against new threats across many fronts, but there will be no blank check. 2) The only way to get your arms around the big and growing threat landscape is to make it "smaller." 3) New, innovative approaches are needed. I would add that all three points are interrelated.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0985
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter.

CVE-2014-0986
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter.

CVE-2014-0987
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter.

CVE-2014-0988
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.

CVE-2014-0989
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter.

Best of the Web
Dark Reading Radio