[AusNOG] RISK - IT Industry - Concern Over Equipment Being, Installed in Data Centre Facilities - Further Replies

chrismacko80 chrismacko80 at gmail.com
Tue Sep 27 20:12:44 EST 2016


Jake, it's not about stopping bringing in colo equipment into
facilities, it's about having a process and technology that can
safeguard data centres by scanning of equipment when it's installed.
There's companies out there such as Carl Zeiss that use various
techniques to scan equipment on a smaller scale, if that technology
could be developed for handheld device that penetrated into a server
rack, we'd be able to check every rack as it's being delivered, even
with fully populated racks. Either that or some type of scanner that
equipment is walked through? Is there any other companies that you're
aware of that currently have technology in that space other than Carl
Zeiss? I'll send them an email.

Chris Macko.

On Tue, Sep 27, 2016 at 6:48 PM, Jake Anderson <yahoo at vapourforge.com> wrote:
> On 27/09/16 19:07, chrismacko80 wrote:
>>
>> Bob, what good is physical separation in separate data centres if the
>> same ability to wheel in damaging equipment by clients is present, not
>> to mention the number of newly arrived foreign nationals we employee
>> in our provisioning, support and technical employment sets in lots of
>> data centre businesses. Police checks can only do so much when it
>> comes to vetting a newly arrived employee from overseas.
>>
>> As a side note, I visited a local CBA branch today, and saw a form in
>> the waiting area on a desk for filling in by employees when dealing
>> with suspected bomb packages. I asked the employee if I could take a
>> photo, she advised I couldn't as they weren't allowed to provide that
>> information to others. Had I just wanted to take a photo of my puppy
>> Moira I would have been able to grab a photo, it displayed the CBA and
>> BankWest logos. The banks take the threat seriously even for a single
>> branch, why don't we as business owners take responsibility and
>> collaborate together to fix the gap as an entire industry?
>>
>> Who's a team player and willing to work on this together?
>>
>> Chris.
>
> Nobody, because to "fix" it would require in essence nobody bringing gear
> into a colo.
> If you can't think of a way to cause havoc when you are bringing in sealed
> volumes of space (say hdd's) you aren't a very good criminal.
> Hell you could shut down DC halls with nothing more than reprogramming the
> micro-controller in a stock power supply.
>
> You can either engage in security theatre like the TSA does, or you can take
> measures that balance cost and effectiveness as DC operators do now and
> experience largely the same risk, without wasting billions of dollars and
> millions of man hours.


More information about the AusNOG mailing list