[AusNOG] RISK - IT Industry - Concern Over Equipment Being Installed in Data Centre Facilities

Sam Silvester sam.silvester at gmail.com
Mon Sep 26 10:55:09 EST 2016


On Sun, Sep 25, 2016 at 10:36 PM, Skeeve Stevens <
skeeve+ausnog at eintellegonetworks.com> wrote:

> But... I don't think we should theorise in an open forum giving anyone
> ideas on how you could abuse this situation.
>
> I'd even scrub the archives of this if possible.
>
>
I always find it strange when people put forward advice like this.

Even the most basic of IT security courses puts forward that 'security
through obscurity' is a bad plan. If you feel smuggling in contraband is a
real risk (I do not subscribe to that theory), you should be out talking
about it.

If you're worried about terrorist, commercial espionage or even
'nation-state' attacks on your equipment in a data centre, then avoiding
talking about it is just dumb. The 'bad guys' are not stupid and are
certainly able to discuss freely, so keeping the group defending against
them artificially small is self-defeating. It's more about ego than about
getting a good result.

The simple fact exists and remains true that putting all your eggs in the
one basket is a fantastically stupid idea. It's been shown time and time
again that even the most well-run and well-intentioned data centres can and
do suffer failures. If being up 24/7 is your goal, don't be in a single
site, or you've already lost.

Likewise, don't be with a single carrier, as (again, it's been shown to be
true) intentional or unintentional damage to outside plant like fibre and
power is also a thing. There would be tens of thousands of carrier pits
with no locks or locks that are relatively easily forced, yet you don't see
much in the way of hand-wringing over this risk.

If you build your services properly, all of these risks can be minimised.
That is where the discussion and focus should be, not ridiculous 'do not
talk about' topics or suggestions to censor the list and/or archive. This
is the Internet, not a 5-eyes meeting. It came to be by an open and sharing
attitude.

Sam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160926/2a45acd7/attachment.html>


More information about the AusNOG mailing list