Four Security Management Strategies for Data Center Consolidation

By Joe Kim, SolarWinds Chief Technology Officer

The Data Center Optimization Initiative was introduced last year, superseding the Federal Data Center Consolidation Initiative (FDCCI).

While there have been some major wins, including billions of dollars saved and thousands of data centers shuttered, those wins do not change the fact that there are still major cybersecurity concerns surrounding the consolidation effort. According to a SolarWinds and Market Connections cybersecurity survey from last year, these concerns mainly stem from incomplete transitions during consolidation and modernization projects, overly complex enterprise management tools, and a lack of familiarity with new systems.

The fact that these concerns are still top of mind several years into the FDCCI is not surprising, considering the rapid evolution of the threat landscape.

Let’s take a look at four strategies federal network administrators can adopt to help circumvent this challenge and make their data consolidation efforts a little more secure.

1. Create a clearly defined organizational structure

Ultimately, everyone in an agency has a hand in data center operations—not just IT administrators, but also developers, managers and executives. Each responsible party should be assigned unique responsibilities and remain in contact with each other. That way, if a breach or outage occurs, the team will be able to work together to address the issue.

2. Follow up with lightweight and flexible procedures

One of the goals behind the federal government’s modernization effort is to become more agile and flexible, but this should not be confined to hardware and software. Once the organizational structure is defined and it’s time to put processes and procedures in place, agencies should help ensure that they are highly flexible and can adapt to changing conditions.

3. Encrypt and segment data at rest and in flight

All data, whether at rest or in flight, must be encrypted, especially as agencies continue their data center transitions. There are simply too many risks involved in the transition process itself -- too many places where data is vulnerable and too many opportunities for increasingly savvy hackers or insiders to access information left in the open.

Data segmentation is also critical, as it can limit the attack damage to a subset of data. Segmenting can reduce the potential for cascading -- and often catastrophic -- network failures.

4. Automate security and gain complete control

Administrators must implement solutions that can monitor applications and network activity and deliver patches and updates as necessary. These goals can be achieved with modern performance monitoring software that gives data center managers a complete view of the health of every aspect of their data centers, including compute, storage, network, and applications.

Administrators willing to lay the security groundwork now will find their road toward data center consolidation easier to travel. Their efforts will also provide a solid foundation for managing what promises to be a tricky post-consolidation world, where the amount of data continues to grow even as the number of data centers has shrunk.

Find the full article on Government Computer News.