> White Paper | Best Practices in Digital Transformation
All of these technologies and environments are mentioned as part
of the process of MTDC digital transformation and they will therefore
be deployed across the multi-tenant data infrastructure portfolio.
This creates the potential for greater vulnerability across the
network: the increased complexity and dispersion of the estate
presents a far wider attack surface and more opportunities for an
attacker to compromise a facility. Data from IoT presents a further
challenge. It must be protected by access controls and monitored in
real time, yet it may be difficult to ensure the security of the
endpoints themselves or of the mission-critical information held in
the IoT data set. The deployment of the internet of things (IoT) will
create a vast array of such endpoints even within a single multi-tenant
data center, and their interconnection, the network foundation of the
IoT, will result in far more disparate and complex network and fabric
architectures. As the equipment within the MTDC becomes integrated,
the online threat to the security of the physical infrastructure
(power, cooling, building management and access control systems) takes
a shape parallel to the cyber-threats against the IT housed in the
facility.
It is now widely accepted that security must be deployed throughout
an organisation's whole data infrastructure, and out to the growing
number of endpoints that are connected to that infrastructure. This
needs to offer greater visibility into the network. Ideally, the role of
the MTDC within a wider data infrastructure should enable one set of
security capabilities to run across the different data infrastructure
environments: public cloud, private cloud, within the MTDC and within
other on-premises or outsourced environments. A large number of
separate security products and administration domains is complex to
manage, and this can restrict visibility and control across the entire
portfolio. This matters because one of the major consequences of
digital transformation is the growth in hybrid environments, multi-
cloud and flexible provisioning.
Assessing the Threat and Reducing the Attack Surface
Protection of the next-generation MTDC needs to work from the
basis of securing the network and, with it, everything connected to
it. More than the traditional approaches, the MTDC provider now needs
to understand the security risks against the facility and then
implement specific measures to reduce unacceptable levels of risk
to a tolerable level. This might mean reducing the severity of the
consequences of an attack, reducing the probability of an attack
occurring, or reducing exposure to the attack.
The first priority is to reduce the 'attack surface', that is, the
various places or vectors at which an unauthorised user or attacker
could get into a system or get data out. The attack surface needs to
be looked at in terms of the network layer, the software layer (with a
particular focus on web applications) and the human/user layer.
Many sources identify the user as the weakest link in the chain of
defence. This is particularly true of MTDCs, where access needs to
be provided to clients at both a physical and a cyber level, so that
the two attack surfaces overlap: a badge-holder on the floor and an
account on the management network are both routes into a tenant's
equipment.
The process of reducing the attack surface follows the basic
security principle of keeping out threats while permitting authorised
access. This is most effective when using a least-trust approach:
reducing the exposure of system targets; protecting the network and
gaining visibility segment by segment; being stringent in the issuing
and enforcement of authorisation; and reducing, where possible, the
amount of data that needs to be processed or transmitted, using
software and procedures such as data curation to limit the amount of
data exposed at any one attack surface. Preliminary measures will
include:
1. Trac segmentation as a means of filtering, analysing and
verifying network activity. This will reduce the potential attack
surface through introducing protections such as firewalls and switch
access control lists. Segmentation of a network can make it easier
to isolate and analyse trac patterns and as an aid to visibility but it
is not per se proactive in enforcing authorisation or the control of
privileged information or inspecting trac for threats.
2. Identifying the data and applications that need protection.
This means that an MTDC provider must gain visibility across its
entire network and everything on it, without compromising the day-
to-day operation of the business. The transaction flows for these
applications must also be mapped so that segmentation gateways
can be deployed as appropriate and with the right application, user
and content policies; a flow that was never mapped has no policy and
ends up either blocked by a default-deny rule or silently permitted.
3. Security must work across the multi-tenant data center so that
clients, both internal and external to the hosting organisation, can
rest assured that their data and applications are safe. This means
a consistent and accurate security policy across heterogeneous
environments.
4. Advanced endpoint security solutions must be considered a
priority given the number of different IoT endpoints connected to
the network(s) within the MTDC, the vulnerability of those endpoints
and the mission-critical nature of the equipment and systems operated
using the data they generate.
5. Underlying and overlapping these measures is the need for
intelligent security, that can identify and block attacks in real time,
and then use the knowledge to inform and prevent future attacks.
6. Applications, and even workloads within applications, can be
segmented using a network-based approach.
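To make measures 1 and 2 concrete, the following is an added illustration that is not part of the white paper: a default-deny allow-list of the kind a segmentation gateway or switch ACL would enforce, evaluated over a handful of constructed flow records. The segment names, address ranges, permitted ports and the flow records are all assumptions made for the example, not a description of any real facility. The point it shows is that mapping the legitimate transaction flows (sensors publishing to the building management broker, administrators reaching it over SSH) yields a short allow-list, and everything else, including lateral movement from an IoT segment into a tenant segment and traffic from a host that was never mapped to any segment, is denied and counted, which is the segment-by-segment visibility the text asks for.

```python
"""Default-deny segment policy check over constructed flow records.

Added example, not from the white paper. Segment names, CIDRs, ports
and the flow records below are constructed assumptions.
"""
import ipaddress
from collections import Counter

# Assumed segment plan for one MTDC site (constructed example ranges).
SEGMENTS = {
    "iot_sensors": ipaddress.ip_network("10.10.0.0/24"),   # temp/power sensors
    "bms":         ipaddress.ip_network("10.20.0.0/24"),   # building management
    "tenant_a":    ipaddress.ip_network("10.100.0.0/24"),  # hosted customer
    "mgmt":        ipaddress.ip_network("10.250.0.0/24"),  # provider admins
}

# Mapped transaction flows become the only permitted edges (default deny).
# Tuple shape: (src_segment, dst_segment, proto, dst_port)
ALLOWED_FLOWS = {
    ("iot_sensors", "bms", "tcp", 8883),   # sensors publish MQTT over TLS
    ("mgmt", "bms", "tcp", 22),            # admins reach BMS over SSH
    ("mgmt", "iot_sensors", "tcp", 22),
    ("mgmt", "tenant_a", "tcp", 443),
}


def segment_of(ip):
    """Return the segment name for an address, or None if unassigned."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None


def evaluate_flow(src_ip, dst_ip, proto, dst_port):
    """Apply the default-deny allow-list to one flow.

    Returns (decision, src_segment, dst_segment). A flow with an endpoint
    in no known segment is denied: an unmapped host is exactly the
    exposure that measure 2 says must be found before policy is written.
    """
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is None or dst is None:
        return ("deny", src, dst)
    if src == dst:
        return ("allow", src, dst)  # intra-segment traffic is left to host policy
    key = (src, dst, proto.lower(), int(dst_port))
    return ("allow" if key in ALLOWED_FLOWS else "deny", src, dst)


# Constructed flow records (src, dst, proto, dst_port); not real telemetry.
SAMPLE_FLOWS = [
    ("10.10.0.17", "10.20.0.5", "tcp", 8883),    # sensor -> BMS broker
    ("10.10.0.17", "10.100.0.20", "tcp", 445),   # sensor -> tenant SMB (lateral)
    ("10.250.0.2", "10.20.0.5", "tcp", 22),      # admin -> BMS
    ("10.100.0.20", "10.20.0.5", "tcp", 80),     # tenant -> BMS web UI
    ("192.168.1.9", "10.20.0.5", "tcp", 22),     # unmapped host -> BMS
]


def audit(flows):
    """Evaluate every flow and count denied edges per segment pair."""
    results = []
    denied_pairs = Counter()
    for src_ip, dst_ip, proto, port in flows:
        decision, src, dst = evaluate_flow(src_ip, dst_ip, proto, port)
        results.append((src_ip, dst_ip, proto, port, decision))
        if decision == "deny":
            denied_pairs[(src or "unmapped", dst or "unmapped")] += 1
    return results, denied_pairs


if __name__ == "__main__":
    results, denied = audit(SAMPLE_FLOWS)
    for r in results:
        print("%-12s -> %-12s %s/%-5d %s" % r)
    print("denied edges by segment pair:", dict(denied))
```

The denied-pair counter is the operationally useful output: a steady trickle of denied `iot_sensors -> tenant_a` edges is either a mis-mapped application flow that needs a policy entry or an endpoint being used as a pivot, and only the flow map from measure 2 tells you which.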