[AusNOG] RISK - IT Industry - Concern Over Equipment Being Installed in Data Centre Facilities

McDonald Richards mcdonald.richards at gmail.com
Mon Sep 26 14:37:51 EST 2016


What's that Fight Club quote...

“On a long enough time line, the survival rate for everyone drops to zero.”

Back your shit up and distribute your applications if they're mission
critical. Plan for the worst and hope for the best.

This can be said for the ransomware thread too.

Malicious threats, natural disasters, planes crashing into data centers
near airports by accident (coz nobody would ever build a data center near
an airport right?), all can be mitigated from a data loss perspective if
you plan for it.

I'm pretty sure if there was a twister on top of the data center that
housed your BRAS, your customers would cut you a few days' slack to make
arrangements. If you tell them you lost your account database because it
was your only copy, you deserve to lose them.

Macca



On Sun, Sep 25, 2016 at 5:55 PM, Sam Silvester <sam.silvester at gmail.com>
wrote:

> On Sun, Sep 25, 2016 at 10:36 PM, Skeeve Stevens <skeeve+ausnog@eintellegonetworks.com> wrote:
>
>> But... I don't think we should theorise in an open forum giving anyone
>> ideas on how you could abuse this situation.
>>
>> I'd even scrub the archives of this if possible.
>>
>>
> I always find it strange when people put forward advice like this.
>
> Even the most basic of IT security courses puts forward that 'security
> through obscurity' is a bad plan. If you feel smuggling in contraband is a
> real risk (I do not subscribe to that theory), you should be out talking
> about it.
>
> If you're worried about terrorist, commercial espionage or even
> 'nation-state' attacks on your equipment in a data centre, then avoiding
> talking about it is just dumb. The 'bad guys' are not stupid and are
> certainly able to discuss freely, so keeping the group defending against
> them artificially small is self-defeating. It's more about ego than about
> getting a good result.
>
> The simple fact exists and remains true that putting all your eggs in the
> one basket is a fantastically stupid idea. It's been shown time and time
> again that even the most well-run and well-intentioned data centres can and
> do suffer failures. If being up 24/7 is your goal, don't be in a single
> site, or you've already lost.
>
> Likewise, don't be with a single carrier, as (again, it's been shown to be
> true) intentional or unintentional damage to outside plant like fibre and
> power is also a thing. There would be tens of thousands of carrier pits
> with no locks or locks that are relatively easily forced, yet you don't see
> much in the way of hand-wringing over this risk.
>
> If you build your services properly, all of these risks can be minimised.
> That is where the discussion and focus should be, not ridiculous 'do not
> talk about' topics or suggestions to censor the list and/or archive. This
> is the Internet, not a 5-eyes meeting. It came to be by an open and sharing
> attitude.
>
> Sam