While we were helping a very large organization expand an existing global footprint, the advice we shared is relevant across firms of all sizes. Let’s take a look at a few ways that all organizations can enhance cyber resilience.
Location, Location, Location
When it comes to placing a secondary data center, it’s all about the location — specifically, the location relative to other facilities. The first site that the firm had in mind was located only about 25 miles from one of its existing sites. I reminded the CIO that this exposed the company to the risk of both facilities being taken offline by the same disaster. It’s good practice to separate facilities by at least 75 to 100 miles.
Check Out the Local Infrastructure
When examining potential locations, you don’t want to just draw a line 100 miles from your existing facility and plop down your new data center there. Make sure that you verify the local infrastructure first and ensure that there is sufficient power available — and that bringing utilities to your site won’t require extensive (and expensive) trenching work that can easily blow up your budget.
Integrate Strong Authentication
Protecting your data center requires carefully limiting physical access. The financial services firm planned to have about 30 people working in the facility on a typical day, with occasional visitors from other areas. Make sure that your facilities have strong access controls in place to successfully identify and authenticate both regular employees and occasional visitors to prevent unauthorized access.
Build Out Robust Monitoring Capabilities
Make sure that you’re able to quickly identify situations where something is amiss. As you build out firewalls, endpoint protection platforms and other security controls, integrate them with a security information and event management (SIEM) solution to provide your operations team with real-time insight into security events.
Test Your Recovery Plans
Some organizations choose to adopt a secondary data center strategy where the facility sits idle until it is needed during the activation of a disaster recovery plan. That’s a perfectly valid strategy, but if you choose this approach, be sure to test that facility regularly. Testing a backup data center is a laborious task that engineers generally prefer to avoid, but it’s crucial to your cyber-resiliency efforts. You definitely want to discover any flaws in your plan during a test, not during an actual emergency.
These basic cybersecurity principles can help organizations build more resilient technology infrastructures. Organizations that follow them will find themselves better positioned in the event of a natural or man-made disaster.