Managing distributed IT environments has emerged as a key responsibility for many data center operators to meet the dynamic challenges of digital transformation. Decentralization of infrastructure has enabled the proliferation of critical IT components to drive faster data and services to end users on college campuses, in hospital systems and other distributed environments. However, as operators embrace connected technologies to integrate devices and automate essential processes, the potential for more cybersecurity risk must also be addressed.
Systems are becoming more interconnected, which increases the number of potential entryways for malicious activity across a network. Data center operators responsible for managing distributed networks must be aware of these possible vulnerabilities and create an end-to-end strategy that factors securing power management into the equation.
Connected systems, new risks
The trend in high-profile breaches exemplifies the changing cybersecurity threat landscape. Like HVAC units and other more recently connected devices, power management devices such as uninterruptible power supplies (UPSs) are becoming more interconnected to enable integration with software, services and other IT infrastructure in a way that enables operators to manage and monitor these devices remotely. These components must be secured just like every other network access point.
Driving home the urgency on this point, the Cybersecurity and Infrastructure Security Agency (CISA) and Department of Energy recently released a public advisory regarding cybersecurity for internet-connected UPSs. The advisory urged organizations to take mitigation measures to protect UPSs and all other emergency power systems against potential threat actors.
Steps to securing backup power in distributed environments
- Play the right cards:
Global safety standards organizations, including Underwriters Laboratories (UL) and the International Electrotechnical Commission (IEC), provide important guidelines for the implementation of appropriate cybersecurity safeguards in network-connected devices, including those in the power management space. Deploying UPSs with network management cards that carry UL 2900-1 and ISA/IEC 62443-4-2 certifications in distributed environments – such as network closets – can give operators peace-of-mind that their devices have built-in cybersecurity features and capabilities to better protect infrastructure against breaches.
- Stay vigilant:
As operators manage a range of connected UPSs over a distributed network, many will seek to execute remote firmware updates to keep their devices up-to-date with the latest features. Because of this, operators should look for power devices that require cryptographic signature checks in order to update firmware to avoid cybersecurity risks. Additionally, look for vendors that offer 24/7 monitoring across converged IT/operational technology (OT) environments, as this can help add an extra layer of protection and visibility for critical infrastructure.
- Employ best practices:
Operators should leverage cybersecurity practices with connected power management devices in distributed environments just as they would other components within their IT infrastructure. This includes using firewall and industrial security solutions as well as encrypting information; conducting routine security assessments; regularly updating antivirus software and antispyware; using advanced email filtering; establishing powerful password policies and end point protection; and offering employees cybersecurity awareness training.
Physical security measures, including the use of security locks on IT racks, can also help to ensure that only authorized personnel have access to IT equipment. And as the proliferation of smart, connected devices link together more elements of IT operations in distributed networks, it will be helpful to partner with technology and solutions providers that demonstrate an ongoing commitment in protecting against cybersecurity risks.
Securing the future
Digital transformation is poised for continued acceleration, and with it, managing distributed IT environments will be a growing responsibility for data center operators as they seek to drive even better and faster data services. This transition will create new possibilities for connected infrastructure, and it remains imperative that operators take the necessary steps to secure these devices across their increasingly interconnected networks. By implementing proper cybersecurity measures to secure power management equipment, operators can better prepare for the continued evolution of their networks.