Cyber Threats You Never Thought Of: ISPs Must Protect Company Networks Against Fires, Natural Disasters and Even Backhoes
SAN DIEGO March 1, 2006 Hackers and terrorists arent the only cyber threats to Corporate America. Fires, HVAC, power grids and backhoes can destroy a companys valuable network just as easily. Its something that most companies dont even consider when choosing an Internet Service Provider and co-location facility. So says Jerry Morris, founder and general manager of San Diego-based NextLevel Internet, Inc.
Spending on cyber security is expected to reach $24.6 billion by 2009 (according to technology research firm Gartner), as companies continue to be concerned with safeguards like VPN encryption, firewalls and intruder protection. With all the time and money being spent on thwarting possible internal threats its no wonder IT managers arent paying closer attention to the physical aspects of their networks, Morris says.
The last thing a company thinks about in terms of security is whether its Internet Service Provider has a coherent plan in place to thwart a physical security breach, he says. They also dont ask themselves, what happens if the environmental control systems go down? What happens if a backhoe digs up a trench containing a segment of the SONET (Synchronous Optical Network) coming in and out of the co-location facilities? These are questions companies really need to know and need to make sure their ISP is answering and has solutions for.
Besides fire and other natural disasters and physical threats, companies should also make sure that not only is the core backbone to their network being monitored 24/7, but ideally they also need to make sure the clients individual connections to the Internet are being monitored. In the best case scenario, mitigation of a potential or growing threat is proactively squelched as a result of the proactive monitoring down to the client level.
Morris, an Internet veteran, founded NextLevel Internet in 1999 after seeing a dire need for such protection. NextLevel, a business-to-business co-location, Internet and managed data services provider, monitors its network connections through its Network Operation Center 24/7. An engineer is always available to proactively solve an issue or call a client if any disturbances are noticed.
To NextLevel, security is not a single issue, Morris says. We try to identify risks and threats and provide the countermeasures to protect facilities, equipment and people.
NextLevel whose clients include the American Red Cross, Home Depot Online, Santa Fe Christian School, Golden Hour Data and Palomar Pomerado Hospital provides, among many things, continuous physical security monitoring; rapid response to alarms; access controls; closed circuit television monitoring; industrial-strength power and heating, ventilation and air conditioning (HVAC); fire extinguishing system and alarms; overhead cable management and ladder racking; and SONET ring architecture on the core network (in the event of a fiber cut, data in transmission is automatically rerouted to reach its destination via another path). Those who enter NextLevels co-location facilities must also pass a minimum of four layers of physical security including biometric palm scanning.
NextLevels goal is to provide the highest level of security possible, Morris says. We have designed a comprehensive strategy for protecting the physical and electronic infrastructure of the network. Companies today cant afford not to have this kind of vital network protection.
The following is a checklist of questions to ask yourself and the ISP to ensure there is a comprehensive plan in place that addresses the security of the physical and electronic infrastructure you need:
? Does the co-location facility have steel reinforced concrete walls and no exterior windows?
? Is the exterior signage of the facility obscure or non-existent?
? Does the location have access to multiple freeways in the case of an emergency?
? Is the facility in a single story building with a minimum of a seismic 4 rating if located in regions prone to earthquakes?
? Is the ISP in the flight path of a public or private air strip? If so, consider checking the flight crash records at the FAAs website to view historic close calls.
? Was the co-location facility built to meet or exceed commercial global telecommunications standards? Additionally, if you are a U.S. based company, will the ISP hold your company back from attaining such existing or potential audit requirements as Sarbanes Oxley, HIPAA or SAS70?
? Does the facility have access to multiple power grids?
? Does the ISP have multiple, stand-alone generators dedicated to the co-location facility specifically and not other occupants of the building?
? Does the ISP have a coherent plan in case of a fire, including comprehensive fire extinguishing systems and alarms?
? Does the facility have its HVAC/environmental control systems constantly monitored and routinely maintained professionally? Ask the operations manager or general manager if the ISP has ever had issues related to these systems that resulted in client outages.
? Is the entire network, including your local connection being proactively monitored 24/7 and what are the escalation procedures if an issue is detected?
? Are local technicians monitoring your individual connections and are they certified and capable of taking immediate action to correct a problem?
? Does the ISP conduct background checks on ALL of its employees?
? Does the ISP have a policy in place to immediately eliminate physical and virtual access to employees and or employees of clients who have been terminated?
? Does the ISP have contacts and experience working with FBI and CIA task forces to trace criminal acts if necessary?
About NextLevel Internet
Founded in 1999, NextLevel Internet is a business-to-business co-location, Internet, and managed data services provider that matches its customers needs with the highest quality deliverables and customer service available.
The company specializes in providing service to companies whose loss of Internet connection will result in the loss of life, money or reputation. NextLevel Internet provides only the best clear channel connectivity direct to a fully redundant Tier 1 Internet backbone with unbeatable value. NextLevel Internet is managed and operated 24/7 by seasoned Internet and data professionals who understand that impeccable service is paramount. Certified engineers (CCNA, CCNP, MCSE) and highly trained personnel handle all of its client requests from complex design and build-out to simple routing, DNS, IP allocation, router replacement, and tail circuit issues directly and immediately. NextLevel Internet monitors its network connections through its Network Operation Center (NOC) 24×7 using ICMP/SNMP sampling.
For more information on NextLevel Internet, call 858.836.0703 or visit www.nextlevelinternet.com.