Is A Colocation Data Center The Right Venue For Your Private Cloud?

Is A Colocation Data Center The Right Venue For Your Private Cloud?Businesses that have outgrown their server room or small on-premises data center have several infrastructure hosting options to choose from. They can build a bigger data center, they can launch servers on a public cloud platform, or they can colocate their servers in a third-party data center.

None of these options is best in all circumstances, but a private cloud colocated in a world-class data center provides a balance of security, performance, cost control, and flexibility that is hard to beat.

A private cloud is architecturally identical to a public cloud platform. It uses the same virtualization and orchestration technology to provide on-demand server deployment, fast server scaling, and infrastructure automation. But only code and data owned by the owners of the underlying physical servers ever touches their private cloud.

Private cloud vs public cloud

The public cloud may offer improved cost control and increased flexibility compared to traditional server hosting options, but security, compliance, and performance issues make many businesses leery of putting critical infrastructure in the hands of a public cloud vendor, especially in the wake of the Spectre and Meltdown vulnerabilities, the full impact of which has yet to be seen.

Colocation is inexpensive compared to the building and management of a data center, and it is unlikely that any but the largest of companies has the IT budget to build a data center with the redundancy, connectivity, and economies of scale available to an enterprise colocation provider.

A colocated private cloud provides businesses with a solution that optimizes IT infrastructure along several dimensions. It involves some capital expenditure for servers and associated hardware, but nowhere near as much as building a data center with the capabilities provided by the best colocation data centers.

From the perspective of users within the business, it provides the same flexibility and agility as the public cloud, but without the security risks, compliance difficulties, and performance issues that affect public cloud users. For larger deployments, owned hardware is often less expensive than the public cloud, as companies like DropBox have discovered.

Maximize server utilization

Low utilization is a major cost center for many IT departments. By maintaining control of the infrastructure and virtual server / container orchestration, private cloud users can make sure their infrastructure use is efficient and cost effective. Businesses can optimize infrastructure costs and increase server utilization by leveraging virtualization and orchestration technologies like OpenStack or Kubernetes for containerized applications.
A well managed and utilized private cloud makes considerable demands on the networking and power infrastructure of its host data center. To ensure reliability and availability, private cloud users should select a colocation data center provider capable of meeting their needs.

Cyber Wurx’ Atlanta colocation data center is the ideal venue for private cloud hosting. With service feeds from multiple metro service grids, 10 gigabit capacity on multiply redundant peers, and world-class physical and electronic security. To discuss hosting your private cloud in Cyber Wurx’s enterprise colocation data center, get in touch today.

Colocation Users Should Be Alert To The Threat Of Cryptojacking

Colocation Users Should Be Alert To The Threat Of CryptojackingIf you were to design the perfect money-spinning tool for cybercriminals, it would probably look something like a cryptocurrency. There is no need to sell data or credit card numbers, create spurious advertising campaigns, or deal with less-than-honest middlemen to make a buck. All the enterprising criminal has to do is compromise a server, install cryptomining malware, point it at their digital wallet, and wait for the money to come rolling in.

Tesla is the latest high-profile victim of cryptojacking — the use of cryptomining malware to generate coins. The Tesla story is interesting from a number of perspectives that are relevant to colocation clients, not least the technique the attackers used to compromise Tesla’s servers. The attackers used an unsecured Kubernetes console to access credentials for Tesla’s cloud infrastructure, giving them access to sensitive data and the infrastructure on which they ran the cryptomining software.

Businesses are likely to see their security systems come under even greater pressure because of the ease with which cryptomining can be used generate revenue for criminals, the rising value of cryptocurrencies, and the increasing expense of legitimate mining.

A recent survey revealed that cryptomining malware affects 23% of organizations globally, and although cryptomining might seem relatively benign compared to ransomware, the cost in wasted infrastructure and energy are not insignificant (aside from the fact that being infected with cryptomining malware is an obvious indication of infrastructure vulnerability).

There are two main techniques criminals use to mine: they use compromised infrastructure to mine directly, or they use their access to that infrastructure to embed JavaScript mining code in user-facing sites and applications, recruiting both the business and its customers into a distributed mining operation.

The method used to compromise servers is often fairly typical: outdated software, brute force attacks, or supply chain attacks. In this case and several others, the culprit was a woefully insecure Kubernetes installation. Kubernetes is used by many businesses, including colocation clients, to deploy, scale, and manage containerized applications. Much of that management takes place via a web console which isn’t password protected by default.
The first lesson to be learned here is that if you’re using Kubernetes, make sure you have password protected the console. It’s a sure bet that other criminals are trawling the web looking for Kubernetes consoles to take advantage of.

The second lesson is to be careful about where your business stores access credentials for its infrastructure. In the Tesla incident, it was AWS credentials stored in a Kubernetes pod, but there are plenty of other opportunities for authentication credentials and private keys to find their way into publicly accessible systems like GitHub or internet-facing production code.

It might also be worth considering a bug bounty program that incentivizes “researchers” to report any vulnerabilities they discover rather than selling that information or exploiting it themselves.

Prevention, Not Cure, Is The Optimal Approach To IT Security

Prevention, Not Cure, Is The Optimal Approach To IT SecurityLast year was not great for IT security. Pick a month at random and you’ll find reports of serious data leaks and security breaches affecting millions of people. The news is biased towards the catastrophic, but with global cybercrime and espionage on the rise, businesses that rely on their online services need to do better.

Part of doing better is becoming more proactive about security and privacy. It is no longer enough to do the minimum to secure network boundaries and deal with security issues as they arise. Security has to become part of the DNA of modern businesses, a core business goal alongside and not subordinate to other goals.

Hosting sensitive data in a secure colocation datacenter instead of a less secure public cloud platform is a step in the right direction, but building secure applications and services requires a commitment to inspiring a culture that prioritizes security and privacy.

Everyone has a part to play

The first step in becoming proactive about security is to realize that your security team and IT staff need help. Those who work in this space have experienced the unnecessarily adversarial relationship that arises between IT and non-technical workers, largely because the workers don’t understand why IT insists on making life difficult for them.

Staff should be trained to understand the threats businesses face and the rationale for security policies. Hiring policies should make security awareness a prerequisite for consideration. Security is easier if everyone is pulling in the right direction.

Bring security into the C-Suite

If your company’s hiring policies are functioning properly, your developers and system administrators know what it takes to build secure systems. But are they given the right incentives by the company’s leadership? Incentives matter. When a company’s executives consistently prioritize productivity at the expense of security and privacy, we get situations like the Equifax leak.

Executives should make security a priority. Managers and project leaders should be incentivized to work towards key security metrics.

Make security a part of the product

In the past, consumers haven’t been particularly concerned about security and privacy. They weren’t factors that influenced consumer behavior. After Equifax, WannaCry, and a dozen other high-profile security lapses, consumers are learning to take security very seriously indeed; it’s becoming a key differentiating factor.

Businesses that make the effort to build secure applications and services will be more attractive to consumers who really don’t want their emails, passwords, and sensitive data leaked to identity thieves and other criminals.

For many businesses, the shift to a security-first approach requires a cultural evolution. But established businesses don’t have a choice: if they are unable to adapt to the demands of a market that includes ubiquitous organized crime and state-sponsored cyber attacks, they will be out-competed by startups that understand the mood of the public.

Do You Know What Data Your Company Stores On Its Servers?

Do You Know What Data Your Company Stores On Its ServersModern businesses generate, process, store, and analyze huge quantities of data. In fact, many gather more data than they’ll ever use, stashing it in storage services and servers until a rainy day that never comes. Storage is cheap, so why not store as much data as possible? There is nothing wrong with storing data if it is done consciously, strategically, and with careful oversight, but when data is stored accidentally or without due care and attention, it becomes a security, privacy, and compliance liability.

Read More

What Do Europe’s New Privacy Laws Mean For US-Based Colocation Clients

What Do Europe's New Privacy Laws Mean For US-Based Colocation ClientsOn May 28th, the EU will introduce strict new privacy laws. The GDPR (EU General Data Protection Regulation) is intended to increase privacy protection for everyone in the EU, including non-citizens who travel to EU countries. Because the new regulations are so much stricter than the previous EU privacy regime, it’s almost certain that US colocation clients have some work to do before the end of May if they aren’t already prepared.

Read More

Where Does Colocation Fit Into Your Hybrid Cloud Strategy?

Where Does Colocation Fit Into Your Hybrid Cloud StrategyOnce a business has identified a need for infrastructure, it has a range of options to procure and deploy it. Today, most businesses choose a mix of infrastructure hosting solutions that may include integrated public cloud, on-premises data centers, and colocation deployments — a mix that is usually referred to as a hybrid cloud.

Read More

Colocation Or Cloud? The Difference Matters Less Than You Think

Colocation Or Cloud? The Difference Matters Less Than You ThinkColocation is often associated with the old way of hosting applications. Companies would buy servers, host software directly on their operating system, and manage software with a package manager. Services and applications were intimately tied to individual machines and their OS environments. The introduction of public cloud platforms instigated a new way of managing applications: DevOps. Cloud servers can be automated, deployed at will, and facilitate a more agile approach to infrastructure management.

Read More

Three Ways You Can Prepare For The IoT Security Nightmare

Three ways you can prepare for the IoT security nightmareThe Internet of Things has incredible potential. Unfortunately, it’s also a cybersecurity disaster waiting to happen. Lax vendor practices, a fast-growing threat surface, and a lack of understanding have created the perfect storm for massive DDoS attacks, compromised networks, and more.

Read More