Security at the Edge – How to Protect Your Distributed IT and Networks from the Threat of Downtime

When it comes to protecting critical infrastructure across a modern distributed IT network, there’s often enough servers, switches, and storage assets to make even the most experienced CIO’s head swim.

The challenge of securing your network can be overcome, however, by modernising legacy systems and harnessing the latest software capabilities, from AI and machine learning to cloud and data analytics.

In this blog we’ve created a three-step action plan – based on the key themes of monitoring, maintaining and mitigating business and mission-critical issues – to help you put a comprehensive security and services programme into action and ensure your physical security is bulletproof.

1. MONITOR critical infrastructure in the data centre and at the edge

The first step towards effectively monitoring your network is to carry out a full review and asset inventory. This includes on-premise and distributed IT environments, right down to individual wiring closets and the smallest edge computing locations. To protect your applications, you need to establish what assets you have, where they are and the associated risks, such as whether they are cyber secure and the level of routine maintenance they require.

With 60% of attacks on critical infrastructure carried out by insiders, it also pays to monitor who is accessing your physical hardware and whether your equipment is being housed or hosted in the best possible environment.

This is often easier said than done, however. Thanks to the existence of long-serving legacy systems alongside a proliferation of new IT resources, monitoring a physical, distributed network is likely to be complex, time consuming and cost-prohibitive if you attempt to do it manually.

However, open and vendor-agnostic data centre infrastructure management (DCIM) software, such as Schneider Electric’s Ecostruxure IT platform, can help overcome this challenge - providing autonomous real-time insights and anywhere monitoring that ensures a high level of physical security, without breaking the bank.

2. Proactively MAINTAIN your critical infrastructure

Increasing network complexity leads many IT teams to adopt a two-phase approach to network security.

Leading DCIM software solutions designed for edge infrastructure, for example, will provide real-time visibility of critical assets. They can also deliver proactive alerts regarding security issues and vulnerabilities. It is advisable, however, to establish a strict regime of patching and applying firmware updates, locking down SNMP protocols and regular penetration testing to increase security.

Reputable manufacturers should be able to offer details of the patching and firmware support needed to keep their products secure. This isn’t always cheap, so it may be tempting to turn to third-party patch providers, but this comes with significant additional risk.

Third parties don’t and won’t always have access to the manufacturer’s core software, so they may not be able to address specific threats, apply critical patches in a timely fashion, or carry out the very latest firmware updates.

It is vital you inventory the infrastructure that comprises your network before you can maintain it effectively. Without visibility there will inevitably be gaps in your maintenance programme, creating weaknesses for malicious actors to exploit.

The good news is that developments in DCIM software have made it easier to maintain remote, distributed IT sites and edge computing environments, and gain granular information about their performance. This information can include the status of maintenance schedules, software and firmware updates, as well as flagging up early warnings of possible malfunctions.

A comprehensive DCIM solution also enables you to make changes to the configuration of devices, such as uninterruptible power supplies (UPS), racks, and intelligent power distribution units (PDUs). SNMP settings, including authentication, and administrator credentials can easily be changed across a range of devices, without the need to manually log in to each device and make the updates individually.

When a manufacturer delivers a new firmware version with the latest security patches, DCIM software allows you to save the file and roll it out to user-selected, supported devices.

3. Leverage data to MITIGATE security risks

Taking proactive steps to mitigate risk and keep your distributed infrastructure safe can be difficult but there are some powerful ways that DCIM and management software can help. They include:

· Automated door locks and card access control - enabling IT teams to remotely monitor when doors and server cabinets are unlocked and opened, and by whom. They can also flag up unsuccessful attempts to gain access. Having a single, centralised system for door-access management enables you to save time, eliminate the stress and hassle of keeping track of keys or cards, and even meet certain data security compliance requirements.

· Role-based permissions: DCIM software’s ability to grant granular, role-based permission can help you mitigate the biggest data centre and edge security threats of all: employees and the risk of human error. DCIM software tools make it easy to maintain permissions and prevent unauthorised changes by assigning different roles to users and user groups at a granular level. The software will also integrate with your existing active directory and lightweight directory access protocol (LDAP) systems for an additional level of authentication, so only authorised users have access to your critical infrastructure, wherever it is located.

· Surveillance feeds: Legacy CCTV feeds are a thing of the past. Advanced DCIM platforms will support IP and USB cameras. This means multiple feeds can be added to an HTML5 dashboard so you can monitor multiple areas or sites remotely at the same time. As a result, you’ll be able to keep an eye on what’s going on at a remote site – such as a server closet or edge environment – even when you’re miles away.

· Reporting, auditing, and alerts: Unfortunately, you often only discover a security breach after the event. High-speed, granular data shared in real-time can help you stop that unauthorised activity in its tracks. It can also provide powerful insights enabling you to tighten security and prevent future incursions.

For example, Schneider Electric’s Ecostruxure IT, can alert you in real time when the doors to your cabinets are opened and if access attempts are unsuccessful so you can identify unauthorised personnel in your data centre or IT environment, and act accordingly. This information can also be captured in your DCIM software audit log and security reports – the reporting of which will help you spot access trends in different areas of your infrastructure, so you can pinpoint and investigate suspicious activity.

Furthermore, you’ll be able to grant secure access to external experts, who can proactively address unwanted faults before they impact your critical systems – providing services that will increase reliability, efficiency and help prevent downtime.

Modernise and automate in the face of increasing security risks

It’s become a well-known mantra across the IT sector that in the face of an exponential rise in complexity, modernisation and automation are key.

In the case of securing distributed IT and edge networks, IT teams are increasingly focusing their efforts on modernising legacy infrastructure and automating the “monitor, maintain and mitigate” process. Essential to this process is the use of leading software and DCIM solutions.

Organisations that put this mantra into practise will most likely be able to leverage critical infrastructure security as a competitive advantage and ensure reliability and efficiency remain central to their operations.