White Paper | Best Practices in Digital Transformation
Security
The operators of MTDCs are faced with the tasks of securing
growing and evolving network architectures against increasingly
sophisticated and targeted attacks, while at the same time meeting
ever more stringent compliance and regulatory requirements to
protect the data with which they are entrusted.
This includes threats on the cyber level such as DDoS attacks, web
application attacks such as SQL injection and cross-site scripting,
ransomware (where data is encrypted and held hostage until a ransom
is paid), DNS infrastructure attacks, malware including Trojans,
viruses and worms, phishing, unpatched software, social media threats
and advanced persistent threats (APTs) delivered via (spear) phishing.
Just as natural viruses mutate in order to survive the host's immune
defenses, so the list above will mutate and combine in order to
present a more sustained and complex mode of attack.
While the focus of security has moved to cyber threats, reflecting the
changing profile of the data infrastructure landscape, other sources
of disruption should not be ignored. Hacking, malware and threats
delivered via social media grew the most in number up to 2015, while
physical and environmental disruptions, and those caused by error and
‘misuse’, remained at a consistent level. That level is still high
enough that this cluster of threats cannot be ignored.
There are a number of important considerations for developing a
security model in an MTDC:
• It needs to reflect the changing design and operation of a
multi-tenant facility and be designed for the mix of services and
environment offered by the facility (or facilities).
• It must be able to adapt so that it provides consistent, constant
and intelligent protection across evolving and hybrid data center
models.
• It must provide protection against advanced and evolving threats.
• It will only be as strong as its weakest link, so it needs to apply
protection without gaps, following principles described as ‘end to
end’, ‘layered’ (defense in depth) or ‘Zero Trust’ depending on the
form of security.
It is evident that traditional network-centric security systems based
on perimeters and firewalls are no longer adequate for any but
the most legacy MTDC. Traditional security policies are defined
for static security zones tied to physical devices, and their
detection relies on signatures. Although these have evolved into
next-generation firewalls (NGFWs) that can implement policies based
on applications, users and content, they are still static and rely
on traditional network constructs like IP addresses, virtual local
area networks (VLANs) and server zones. On their own, traditional
defenses like firewalls, IPS, anti-virus and gateways are no match
for continually evolving and sophisticated cyber threats, which
blend malicious techniques.
The MTDC environment is now software-defined, distributed,
interconnected, dynamic and user-focused. The cybersecurity
risk to the service data center is made worse by dependence on
virtualization, cloud computing and the internet of things (IoT).
This creates a complex and dynamic network that gives more
opportunities for attackers to compromise a facility.
It is now widely accepted that security must be deployed throughout
an organisation’s data infrastructure, and out to the growing number
of endpoints that are connected to that infrastructure and used to
access cloud services. There also needs to be greater visibility into
the network, as well as enhanced segmentation and control.
There are two key methodologies in securing the next-generation
network and everything connected to it. The first involves reducing
the attack surface, and the second involves mitigating the risk.
There are, however, numerous different, but often parallel,
approaches to both.
Reducing the attack surface aims to prevent all but authorised
access to system assets and to establish access rights. This can
be achieved by minimising exposed system targets, controlling access
to systems and network segments across the network, enforcing
least privilege for all security subjects, and reducing the amount of
data that needs to be scanned by deploying trusted software and
procedures.
To mitigate the risk of attacks, the MTDC provider must also
understand the risks and then implement specific measures to reduce
unacceptable risk to an acceptable level: measures that reduce the
severity of the consequences of an attack, reduce the probability of
an attack occurring, or reduce exposure to the attack. This might
include traffic segmentation that filters and verifies network
activity, using firewalls and switch access control lists (ACLs), as
well as the creation of subnets and logical segmentation for internal
traffic, which both shrinks the potential attack surface and gives
visibility into applications, users and content.
Security must work across the multi-tenant data center so that
client organisations can rest assured that their data and applications
are safe. This means a consistent and accurate security policy across
heterogeneous environments. The programmability of new security
technologies is software-based; the majority rely solely, or to a
large extent, on software.
Software-Defined Security is adaptive in that the security policy and
controls automatically remain with the device if it is moved, migrated
or scaled, which speeds up response time and reduces the scope
for human error.
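The passages above on reducing the attack surface through segmentation and least privilege, and on policy that follows a workload when it is moved, can be made concrete with a small model. The following Python is an added example for this page, not code from the white paper or from any MTDC vendor; the two tenants, their subnets, labels, ports and the rule names are all constructed assumptions. It expresses the same default-deny intent (a web tier may reach its own tenant's database tier on 5432, nothing crosses tenants) once as subnet-bound rules and once as label-bound rules, then migrates a workload to a new subnet and enumerates the reachable attack surface under each policy.

```python
"""Segmentation policy model for a multi-tenant fabric: address-bound rules
versus label-bound (software-defined) rules, evaluated with default deny.
All workloads, addresses, labels and ports are constructed for this example."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Workload:
    name: str
    ip: ipaddress.IPv4Address
    labels: frozenset           # identity, e.g. {"tenant=A", "tier=web"}


@dataclass(frozen=True)
class Flow:
    src: Workload
    dst: Workload
    port: int                   # destination TCP port


@dataclass(frozen=True)
class AddrRule:
    """Traditional construct: policy keyed on source/destination subnets."""
    src_net: ipaddress.IPv4Network
    dst_net: ipaddress.IPv4Network
    port: int

    def matches(self, f: Flow) -> bool:
        return f.src.ip in self.src_net and f.dst.ip in self.dst_net and f.port == self.port


@dataclass(frozen=True)
class LabelRule:
    """Software-defined construct: policy keyed on workload identity (labels)."""
    src_labels: frozenset
    dst_labels: frozenset
    port: int

    def matches(self, f: Flow) -> bool:
        return (self.src_labels <= f.src.labels
                and self.dst_labels <= f.dst.labels
                and f.port == self.port)


def allowed(rules, flow: Flow) -> bool:
    """Default deny: a flow passes only if some rule explicitly permits it."""
    return any(r.matches(flow) for r in rules)


def migrate(w: Workload, new_ip: str) -> Workload:
    """Move a workload to another rack/subnet: the address changes, the identity does not."""
    return Workload(w.name, ipaddress.IPv4Address(new_ip), w.labels)


def exposed_surface(rules, workloads, ports):
    """Enumerate every (src, dst, port) the policy permits: the reachable attack surface."""
    surface = set()
    for s in workloads:
        for d in workloads:
            if s is d:
                continue
            for p in ports:
                if allowed(rules, Flow(s, d, p)):
                    surface.add((s.name, d.name, p))
    return surface


# Constructed two-tenant layout: each tenant has a web tier and a database tier.
A_WEB = Workload("a-web", ipaddress.IPv4Address("10.1.1.10"), frozenset({"tenant=A", "tier=web"}))
A_DB = Workload("a-db", ipaddress.IPv4Address("10.1.2.10"), frozenset({"tenant=A", "tier=db"}))
B_WEB = Workload("b-web", ipaddress.IPv4Address("10.2.1.10"), frozenset({"tenant=B", "tier=web"}))
B_DB = Workload("b-db", ipaddress.IPv4Address("10.2.2.10"), frozenset({"tenant=B", "tier=db"}))
WORKLOADS = [A_WEB, A_DB, B_WEB, B_DB]
PORTS = [22, 80, 5432]

# Least-privilege intent: web -> db on 5432 within a tenant; nothing crosses tenants.
ADDR_RULES = [
    AddrRule(ipaddress.ip_network("10.1.1.0/24"), ipaddress.ip_network("10.1.2.0/24"), 5432),
    AddrRule(ipaddress.ip_network("10.2.1.0/24"), ipaddress.ip_network("10.2.2.0/24"), 5432),
]
LABEL_RULES = [
    LabelRule(frozenset({"tenant=A", "tier=web"}), frozenset({"tenant=A", "tier=db"}), 5432),
    LabelRule(frozenset({"tenant=B", "tier=web"}), frozenset({"tenant=B", "tier=db"}), 5432),
]
# The tempting "fix" once a migration breaks the subnet rule: widen it to the whole fabric.
WIDENED_ADDR_RULES = [AddrRule(ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("10.0.0.0/8"), 5432)]


def migration_outcome():
    """Move tenant A's database to a new subnet (hypothetical address) and re-evaluate the
    intended flow. Returns (address-bound, label-bound, widened rule allows cross-tenant)."""
    a_db_moved = migrate(A_DB, "10.9.0.10")
    intended = Flow(A_WEB, a_db_moved, 5432)
    return (allowed(ADDR_RULES, intended),            # subnet rule no longer matches
            allowed(LABEL_RULES, intended),           # identity-based rule follows the workload
            allowed(WIDENED_ADDR_RULES, Flow(A_WEB, B_DB, 5432)))  # widening leaks across tenants
```

`migration_outcome()` returns `(False, True, True)`: the address-bound rule silently stops matching after the move, the label-bound rule keeps enforcing the same least-privilege intent, and the common operator response of widening the subnet to the whole fabric is exactly the cross-tenant exposure a multi-tenant facility must not allow. `exposed_surface` makes that visible by listing every permitted (source, destination, port) triple: two flows under the label policy, twelve under the widened one.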
Increasingly, sophisticated algorithm-based techniques are used,
not just to identify security threats but to diagnose the wider
principle of ‘data health’. There are two main aspects to threat
intelligence: technology or machine intelligence, and human
intelligence. While machine intelligence is able to mine and analyse u