[AusNOG] RISK - IT Industry - Concern Over Equipment Being Installed in Data Centre Facilities

Jim Woodward jim at alwaysnever.net
Mon Sep 26 17:26:45 EST 2016


+1 from me too!

This is the most intelligent thing I've read in the last few pages of 
posts: prepare for the worst and put in the best solution within your 
budget constraints. You can't afford a disaster mitigation plan? Can you 
afford not to have one?


Kind Regards,
Jim.


On 26/09/2016 2:41 PM, Bob Woolley wrote:
> This.
> +11111111
>
>
> Bob
>
> On 26 September 2016 at 14:37, McDonald Richards 
> <mcdonald.richards at gmail.com> wrote:
>
>     What's that Fight Club quote...
>
>     “On a long enough time line, the survival rate for everyone drops
>     to zero.”
>
>     Back your shit up and distribute your applications if they're
>     mission critical. Plan for the worst and hope for the best.
>
>     This can be said for the ransomware thread too.
>
>     Malicious threats, natural disasters, planes crashing into data
>     centers near airports by accident (coz nobody would ever build a
>     data center near an airport right?), all can be mitigated from a
>     data loss perspective if you plan for it.
>
>     I'm pretty sure if there was a twister on top of the data center
>     that housed your BRAS, your customers would cut you a few days
>     slack to make arrangements. If you tell them you lost your account
>     database because it was your only copy, you deserve to lose them.
>
>     Macca
>
>
>
>     On Sun, Sep 25, 2016 at 5:55 PM, Sam Silvester
>     <sam.silvester at gmail.com> wrote:
>
>         On Sun, Sep 25, 2016 at 10:36 PM, Skeeve Stevens
>         <skeeve+ausnog at eintellegonetworks.com> wrote:
>
>             But... I don't think we should theorise in an open forum
>             giving anyone ideas on how you could abuse this situation.
>
>             I'd even scrub the archives of this if possible.
>
>
>         I always find it strange when people put forward advice like this.
>
>         Even the most basic of IT security courses puts forward that
>         'security through obscurity' is a bad plan. If you feel
>         smuggling in contraband is a real risk (I do not subscribe to
>         that theory), you should be out talking about it.
>
>         If you're worried about terrorist, commercial espionage or
>         even 'nation-state' attacks on your equipment in a data
>         centre, then avoiding talking about it is just dumb. The 'bad
>         guys' are not stupid and are certainly able to discuss freely,
>         so keeping the group defending against them artificially small
>         is self-defeating. It's more about ego than about getting a
>         good result.
>
>         The simple fact exists and remains true that putting all your
>         eggs in the one basket is a fantastically stupid idea. It's
>         been shown time and time again that even the most well-run and
>         well-intentioned data centres can and do suffer failures. If
>         being up 24/7 is your goal, don't be in a single site, or
>         you've already lost.
>
>         Likewise, don't be with a single carrier, as (again, it's been
>         shown to be true) intentional or unintentional damage to
>         outside plant like fibre and power is also a thing. There
>         would be tens of thousands of carrier pits with no locks or
>         locks that are relatively easily forced, yet you don't see
>         much in the way of hand-wringing over this risk.
>
>         If you build your services properly, all of these risks can be
>         minimised. That is where the discussion and focus should be,
>         not ridiculous 'do not talk about' topics or suggestions to
>         censor the list and/or archive. This is the Internet, not a
>         5-eyes meeting. It came to be by an open and sharing attitude.
>
>         Sam
>
>
>
>         _______________________________________________
>         AusNOG mailing list
>         AusNOG at lists.ausnog.net <mailto:AusNOG at lists.ausnog.net>
>         http://lists.ausnog.net/mailman/listinfo/ausnog
>         <http://lists.ausnog.net/mailman/listinfo/ausnog>
>
