Bugwatch: Reducing downtime at the data centre

Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats.

This week Paul Smith, UK country manager with KVM switching and connectivity company Avocent, considers how to minimise potential physical security threats to data servers.

Where the focus for IT security was once the threat of viruses and hackers, a greater emphasis is now being placed on the physical security threats in the data centre environment.

The challenge for the IT manager is to provide the necessary levels of access to IT hardware while at the same time minimising potential risks to security.

Server resilience is a key business issue and IT managers are under increasing pressure to provide the highest possible levels of protection for business-critical processes.

In the data centre this means a greater emphasis on service level agreements, with anything less than 97 per cent server availability being rightly viewed as unacceptable - particularly where critical data such as e-commerce is involved.

Allied to external threats to the IT infrastructure, human error, accidental damage and malicious damage by employees are all risks that need to be limited.

As IT staff develop increasingly specialist skills, the degree of autonomy in their work grows.

The IT manager must strike a balance between assigning access rights according to platform type while providing enough freedom to the team to carry out their jobs effectively.

In addition to data access for staff - who must be prevented from damaging or gaining unauthorised access to systems - the rise of outsourcing and hosting organisations has presented the IT manager with a very different set of challenges.

Where an outsourcer works alongside an in-house administrator or manager the IT manager must be able to provide the supplier with access without exposing company servers to any unnecessary risk.

Likewise, the service provider itself needs to guarantee that, with one client's system alongside another, no harm will come to either set of servers.

End-user access rights are also becoming an increasingly important consideration for IT managers, with many adopting role-based access rights to applications.

In any industry that deals with sensitive data, being able to manage the access rights of users is crucial to maintaining client confidentiality.

For example, in a hospital environment consultants will require an entirely different level of access to patient information than administrative staff.

The overriding theme in each of these instances is the need to manage access to an organisation's data servers.

There is a dual imperative for the IT manager to isolate servers from potential harm while at the same time providing IT staff with real-time access to them in a controlled environment, to reduce the risk of downtime.

If access can be extended to enable the administrator to monitor log files and audit trails in real time, as well as to intervene if suspicious behaviour manifests itself, then the organisation is much more able to minimise downtime.