Security is paramount in remote data center management. Administrators must do everything in their power to prevent a doomsday scenario in which attackers are able to steal credentials and take control of the access points that are used to control the data center remotely.
The problem, of course, is that not only is remote access an alarming point of failure, it may also be difficult to secure. For example, remote data center management implementations often employ RDP (Remote Desktop Protocol) to access data center infrastructure. Unfortunately, RDP vulnerabilities crop up about once a week, more so now that attackers are seeking out data centers made newly vulnerable by COVID-19.
In short, if you implement remote data center management without implementing security precautions at the same time, attackers are going to find you and it will be a very bad day.
Where Should You Start Securing Your Remote Data Center?
Fully securing a remote data center might take months, but we’re still only a few weeks into lockdown. In other words, you need to set a list of priorities that start with your most urgent needs and then build on that foundation for the long term.
- Start with ID and Access Management (IAM)
Your biggest and most immediate risk is that an attacker will steal the login credentials to your remote access solution. If that happens, your attacker will easily achieve their victory condition. If you haven’t at least implemented multi-factor authentication, stop reading this article and go do that now. MFA – especially solutions using a hardware security key – is among the easiest steps you can take when it comes to securing your remote data center.
- Patch ASAP
As we mentioned, RDP often experiences vulnerabilities, and the same can be said for many other communication methods between your data center management terminal and your data center itself. Patching these vulnerabilities – or at least securing against exploitation – should be your next top priority for secure remote access.
- Decommission End of Life (EOL) Hardware
When Microsoft discontinued support for Windows Server 2008 at the beginning of 2020, it’s likely that millions of obsolete servers remained active and running an end-of-life operating system. While the pandemic may have disrupted your plans to formally decommission these servers, they remain a priority, as vulnerabilities are still being found within the venerable operating system.
- Study Application Dependencies
In addition to removing your EOL hardware, you need to be aware of any applications that depend on deprecated infrastructure and operating systems. This is particularly crucial for your remote access implementation itself. If you’re relying on an appliance that will be obsolete within a few years, what are the chances that you’ll be able to remove the appliance and upgrade once the deadline rolls by? If your vendor goes out of business (the way many businesses are), will you be able to replace the formerly vendor-supported component?
- Implement Multiple Encryption Methods
Many administrators believe that SSL/TLS on its own is strong enough to secure RDP connections. Unfortunately, SSL has its own vulnerabilities, such as POODLE, and it can also be subject to downgrade attacks that force users to use older – and more breakable – encryption methods. For a more secure remote management implementation, add other methods such as RADIUS encryption and IPsec tunneling.
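Before layering on additional tunnels, it helps to confirm that the RDP host itself refuses to negotiate down. The script below is an added example, not Device42 code or part of the original article; it assumes a Windows host using the default `RDP-Tcp` listener and reads the standard Windows registry locations for the RDP security layer, Network Level Authentication, encryption level, and the SCHANNEL legacy-protocol switches.

```powershell
# Added example: read-only audit of RDP transport settings on the local host.
# Run in an elevated PowerShell session. Nothing is changed.
$policyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$listenerKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$schannelKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-EffectiveValue {
    param([string]$Name)
    # A Group Policy value overrides the listener's own value, so check it first.
    foreach ($key in $policyKey, $listenerKey) {
        $item = Get-ItemProperty -Path $key -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { return $item.$Name }
    }
    return $null
}

# Minimum acceptable value per setting, and what a lower value allows.
$checks = @(
    @{ Name = 'SecurityLayer';      Min = 2; Why = 'below 2, a client can fall back from TLS to native RDP security' }
    @{ Name = 'UserAuthentication'; Min = 1; Why = 'Network Level Authentication is not required before a session starts' }
    @{ Name = 'MinEncryptionLevel'; Min = 3; Why = 'below 3 (High), weaker client-chosen encryption is accepted' }
)

$findings = @()
foreach ($c in $checks) {
    $v = Get-EffectiveValue $c.Name
    if ($null -eq $v -or $v -lt $c.Min) {
        $shown = if ($null -eq $v) { '(not set)' } else { $v }
        $findings += [pscustomobject]@{ Setting = $c.Name; Value = $shown; Issue = $c.Why }
    }
}

# SSL 3.0 is the protocol POODLE targets; SSL 2.0 is checked for completeness.
foreach ($proto in 'SSL 2.0', 'SSL 3.0') {
    $item = Get-ItemProperty -Path "$schannelKey\$proto\Server" -Name Enabled -ErrorAction SilentlyContinue
    if ($null -eq $item -or $item.Enabled -ne 0) {
        $shown = if ($null -eq $item) { '(not set)' } else { $item.Enabled }
        $findings += [pscustomobject]@{
            Setting = "SCHANNEL $proto (server)"; Value = $shown
            Issue   = 'not explicitly disabled; the OS default decides whether it is offered'
        }
    }
}

if ($findings.Count -eq 0) { 'No downgrade-prone RDP settings found.' }
else { $findings | Format-Table -AutoSize -Wrap }
```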
Add DCIM for More Secure Remote Data Center Management
DCIM tools like Device42 offer built-in security tools which allow you to accomplish your goals at a single stroke. These security features aren’t just checkboxes for secure remote data center management – they’re integral tools that will help you do your job faster and more completely even when you can’t access the data center in person.
As just one example, Device42 offers a VulnDB integration that can automatically surface insecure software configurations. In effect, this combines the Device42 auto-discovery feature with a search tool that automatically matches the version information for your applications with any known common vulnerabilities and exposures (CVEs). In addition, you’ll immediately get instructions for how to solve or mitigate the vulnerability.
What’s more, our application dependency mapping tool can help administrators understand what will happen once they remove obsolete software or infrastructure. With this simple automated tool, you’ll be able to confidently prune your infrastructure, mitigating security risks without risking unplanned downtime.
With Device42, you’ll find a full-featured DCIM where security is more than an afterthought. Instead, you’ll be able to remotely manage your data center without worrying about the worst that can happen. For more information about what we do and how we can help, contact Device42 today!