People are data centres' biggest security threat

According to Rob Bamforth and Clive Longbottom, the authors of the Quocirca report, virtualisation is being embraced increasingly for both technical and business reasons, yet problems will remain in many areas.

The need for virtualisation is not particularly a technological one, says the report - it is far more based on the needs of the business.

"Flexibility, greater control over costs and greater responsiveness to the business' needs means that virtualisation is increasingly being used across greater proportions of an organisation's IT estate", the report notes.

Before the technology can be adopted, however, the report recommends that a virtualisation strategy has to be carefully thought out in order to maximise the benefits that can be gained.

"Just attempting to take existing IT and move it to a virtual platform will not work - far more planning and work is required to ensure that virtualisation works", the report says, adding that vendors have not been massively helpful in this regard.

The problem facing the industry, says Quocirca, is that a modern data centre cannot be built with IT and facilities working in a vacuum.

Each group, says the report, has to work closely with the other to ensure that power distribution matches the needs of the density of IT equipment, and that cooling is adequate, yet is fully optimised to ensure that energy costs are kept under control.

Good virtualised data centres, the report goes on to say, need to use targeted cooling.

"Hot and cold aisle cooling with ducted flows will save energy across the board. If the equipment is going to be full-volume air cooled, look at running the data centre at a higher temperature - say, 260C/790F - the equipment won't mind", says the report.

"Don't put windows into the data centre - not only are these a security hazard, but the lower thermal efficiency of glass will cause greater heating problems on sunny days", the report adds.

Finally, on the security front, Bamforth and Longbottom suggest that planners should plan for lights out.

"Data centres and people don't mix: not only are people the major cause of problems in a data centre, but they are also the biggest security issue. Design the data centre with remote operations in mind, with people only going in to deal with exceptions such as failed equipment," the report concludes.

What’s hot on Infosecurity Magazine?