How secure is your Data Center?
Data Center is the core of today’s IT world. With growing technologies like cloud computing, virtualizations and latest IT applications, building today’s Data Centers are a bit more complex. It is important to protect Data Centers from malicious attack. Equally important is to ensure that the Data Center infrastructure like network, storage, servers and desktops too are secured and monitored all the time to avoid any possible threat. Traditionally, network teams would secure network and applications with encryptions. However with today’s growing IT requirements, it is important to have more robust and dynamic security systems to secure the Data Center.
Data Center security is of primary importance to IT organizations. Organizations should make sure that every element of Data Center is monitored and secured. They may either decide on managing it on their own or opt for outsourcing. However they should carefully evaluate the options that is suitable for optimally securing the Data Center.
Access Control methods for Data Center
Physical access to the Data Center should be carefully planned and managed. Entry to the Data Center should be restricted with limited access. Only Authorized person should be allowed to enter Data Center – with badge access to the building and security-escorted entry to the visitors. Additional Security layers can be added by separating Testing, Development and Production zones. Depending upon the sensitivity of the data in the server, access to each zone should be restricted with key card admittance and biometrics. The entire Data Center should be under video surveillance.
Network Security
Network is the backbone of your IT infrastructure when security solutions are planned. It is important to implement security methods zone wise. The Production Zone where you have all your mission critical data should have strict rules implemented for incoming and outgoing traffic. The Development Zone may have a less rigid environment. The Testing Zone environment should be isolated from random traffic of Development Zone. There should be a physical separation between internet accessible servers and other infrastructure.
Data Security
Data Security should be separated from Server Security. Different servers handle different type of data and security rules should be implemented accordingly. Firewalls should be setup to separate the access to different data. The firewall rules should be implemented and configured depending upon the access levels required for each type of data. Moving data should be scanned for potential privacy leaks and it should be ensured that data goes to right person and is properly encrypted. Encryption policies should implemented with software encryption. Patching programs should be implemented regularly to avoid vulnerabilities on the servers.
Application Security
Today’s IT applications are big with complex architectures and it is important to take care of application vulnerabilities before it goes into your production systems. Applications must be scanned for vulnerabilities that hackers can easily exploit. The reported vulnerabilities should be rectified and proper security metrics should be applied before any application goes into production. Developers should run their own code through a code scanner that scans the source code for buffer overflows and other vulnerabilities. Before it goes into production, it is important for both code scanning and application scanning for all possible vulnerabilities.
Cloud and Virtual Network Data Security
Organizations need to focus on securing the cloud based, virtualized network and storage as well. Virtualization has added new security issues. Virtualized network can be separated and isolated so that different set of rules can be implemented to manage the security. The host based security systems can be implemented to monitor virtual machines and network, to detect any malicious activity. Within a virtualized Data Center, administrators can compare and analyse client to server traffic to check the legitimate traffic. Cloud computing requires a different security approach. Hence security methods need to be implemented to ensure the data flow between Data Centers, Client Systems and Data Centers and between Virtual Machines within the Data Center. It is important to ensure that these flows and not carrying malicious traffic. Good coordination of networking devices, firewalls, SSL devices and intrusion prevention solutions can ensure a robust security for cloud computing environment.
Overall, a good Access Control System, Fenced off Boundary, guards to control Physical Access, Video surveillance, Network, Data and Application Security measures – all implemented together can form a robust Data Center security system.
Government of Telangana proudly welcomes Sify Technologies, India’s premier ICT Company to Hyderabad
Hyderabad, January 02, 2016: Sify Technologies today announced the setting up a state-of-the-art Global Delivery Center at Hyderabad. This will be the Company’s largest delivery center in India and will help drive its global ambitions.
It may be recalled that Sify had recently announced a global partnership with Fujitsu Limited to collaborate on providing ICT solutions. The two companies are collaborating to strengthen their global approaches to developing new customers and markets, and to jointly win multi-regional opportunities, starting with the North America market. When completed, this 200,000 sq.ft. Delivery Center will focus on supporting the partnership through the development of solutions for the Third Platform (also known as ”SMAC” Social, Mobile, Analytics and Cloud Platform)
Commenting on the development, Mr. K T Rama Rao, Minster of IT and Panchayat Raj, said, “We are happy to welcome India’s ICT pioneers, Sify Technologies, Global Delivery Center in Hyderabad. We are determined to position Telangana as the preferred destination for IT companies in India and are continuously streamlining measures so that it is EASY to do business here.”
Chairman of Sify Technologies, Mr. Raju Vegesna added, “This state-of-the-art Global Delivery Center will build solutions for the Third platform and support our applications and system-integration resources globally. Hyderabad, with its best infrastructure, Cosmopolitan culture, abundance of skilled domain knowledge resources, excellent education system and cost effectiveness is critical to our ambitions. The dynamic leadership in Telangana has also been very accommodative of IT entrepreneurial ventures. This Delivery Center will help further our credentials as a Global Managed Services player”.
About Sify Technologies
Sify is among the largest integrated ICT Solutions and Services companies in India, offering end-to-end solutions with a comprehensive range of products delivered over a common telecom data network infrastructure reaching more than 1300 cities and towns in India. This telecom network today connects 45 Data Centers across India including Sify’s 6 concurrently maintainable Data Centers across the cities of Chennai, Mumbai, Delhi and Bengaluru.
A significant part of the company’s revenue is derived from Enterprise Services, comprising of Telecom services, Data Center services, Cloud and Managed services, Applications Integration services and Technology Integration services. Sify also provides services that cater to the burgeoning demands of the SMB community, much of it on its Cloud services platform.
Certifications
- ISO 9001:2008 – Enterprise Sales, Provisioning, support and customer relationship management of ICT solutions and services including VPN, Network, Voice, Data Center hosting, Integration services, security services and managed services.
- ISO / IEC 20000 – 1:2011- Data Center Operations.
- ISO/IEC 27001:2013 – Network Operations, Hosting at Data centers & PoPs and for providing Managed security services at SOC and for providing Managed Hosting services
- SSAE16 SOC2 Type II for Cloud Infrastructure
- TL 9000 for Enterprise Network Services, Network Integration Services including Design, Implementation and Support services. This certification is telecommunication industry’s quality system standard that expands the requirements of the International Standards Organization’s ISO 9000 quality management standard in use by industries worldwide.
Sify has a unified licence to operate NLD (National Long Distance), ILD (International Long Distance) services and ISP services and offers VoIP backhaul for international carriers. With the Sify Cable landing station and partnerships with submarine cable companies globally, Sify is present in almost all the spheres of the ICT eco system.
Sify has an expanding base of Managed Services customers, both in India and overseas, and is India’s first enterprise managed services provider to launch a Security Operations Center (SOC) to deliver managed security services. The software team develops applications and offers services to improve business efficiencies of its current and prospective client bases. Sify also offers services in the specialized domains of eLearning, both in India and globally. For more information about Sify, visit www.sifycorp.com
Forward Looking Statements
This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. The forward-looking statements contained herein are subject to risks and uncertainties that could cause actual results to differ materially from those reflected in the forward-looking statements. Sify undertakes no duty to update any forward-looking statements.
For a discussion of the risks associated with Sify’s business, please see the discussion under the caption “Risk Factors” in the company’s Annual Report on Form 20-F for the year ended March 31, 2015, which has been filed with the United States Securities and Exchange Commission and is available by accessing the database maintained by the SEC at www.sec.gov, and Sify’s other reports filed with the SEC. For further information, please contact:
For further information, please contact:
Sify Technologies Limited
Mr. Praveen Krishna
Investor Relations & Public Relations
+91 44 22540777 (ext.2055)
Grayling Investor Relations
Petra Wensing
Ms. Trúc Nguyen (ext. 418)
+1-646-284-9400
