When it comes to security, there is often a focus on the software side, thwarting hackers and other virtual threats such as viruses and worms. When it comes to uptime and availability, focus often rests on redundant power, clustering, and other similar strategies. We often forget about something that can put a stop to any operation: good, old-fashioned, real-life robbery.

Don’t make the assumption that it will never happen to you.

Are data centers as secure as they want you to think?

Though security is often a selling-point for many data centers, they aren’t necessarily safe from theft. There have been plenty of incidents involving hardware theft from data centers.

A few examples:

• Multiple robberies at a Chicago data center
  The Chicago-based colocation company CI Host had its data center broken into on October 2, 2007. The intruders passed through a reinforced wall with the help of a power saw, attacked the night manager with a tazer, and stole at least 20 servers. This particular data center had at that time been burglarized at least four times since 2005.
• Fake police officers rob Verizon data center
  A Verizon Business data center in northern London got $4 million worth of computer equipment stolen on December 6, 2007. The “heist” was done by between three to five men dressed as police officers. They managed to gain entry to the data center and tied up the five staff members before stealing the equipment.
• Level 3 data center robbery disrupts telecom service
  One of Level 3’s London data centers had a number of router cards stolen on November 1, 2006, which disrupted voice and data traffic to many of its customers in London.
• Peter Gabriel’s website down due to stolen servers
  Musician Peter Gabriel had the servers running his official website stolen in May 2008, effectively taking his website offline. The servers were said to be hosted with the company Rednet Ltd. Not much information seems to be available other than a temporary message that was posted on his website explaining that all services were offline since their servers had been stolen from the ISP.
• Thieves rob Cable & Wireless data center, taking out Financial Times website
  A Cable & Wireless data center outside London had routers and switches stolen on July 10, 2008. Among the affected customers was the Financial Times, whose website was left offline until they could redirect it to a backup facility.

If you keep it in the office, have proper security

It may be tempting to keep your servers nearby in your office, both for convenience and perhaps also for cost reasons. But if you do, make sure they are properly locked away in a secure place.
Otherwise something like this could potentially happen:

• Dept-collection bureau server with personal data for 700,000 people stolen
  On March 21, 2008, thieves broke into the Central Collection Bureau in Indiana and stole eight computers and one database server. The stolen database server contained personal information about approximately 700,000 Indiana residents, including their social security numbers.
• Insurance company robbed of server with information about 930,000 customers
  International Insurance Group, AIG, had their offices burglarized on March 31, 2006. The thieves got away with a server filled with data containing the names, addresses and social security numbers of over 930,000 customers.
• University file server with cancer research data stolen
  A file server containing cancer research data was stolen from the University of California on March 20, 2007. The research data included names, contact information and social security numbers of study subjects and in some cases also personal health information.

Black market for hardware

This article from The Register is a bit on the old side, but it’s an interesting read. According to it, criminals are even targeting specific brands of hardware and are well aware of what they are looking for. There is obviously a lucrative black market for computer equipment if organized, criminal elements are involved.

Stealing data, not hardware?

Loss of hardware is one thing, but hardware can be replaced. One scary thought is theft specifically aimed at stealing servers with valuable data on them.

For example, in the cases where customer databases and credit card information are stolen, not only is it a liability to the company and its customers, but this information can most likely be sold for a hefty profit by unscrupulous individuals.

In the examples above, several cases have involved what must be considered as very valuable data. It is quite possible that this was just a coincidence and that the thieves were only after the hardware, but who knows?

Worry about protecting your data from hackers and take precautions, but remember that if someone just walks away with your server, that firewall you set up won’t do you much good.

What can I do?

Aside from planting yourself in front of your server rack with a shotgun on your lap, what can you do to keep your servers and data safe?

• It’s not always easy to know exactly where your servers are hosted and how well the security is handled. If your servers are critical to your business, make it a point to inquire about the data center where they are kept. What security measures are in place? If you are at a colocation facility you can of course check this out first hand.
• Encrypt sensitive data. The most valuable thing that gets stolen might actually not be your hardware, but the data on them. Maybe the thieves won’t realize this, but don’t count on it.
• Make sure you have backups of important data, and do your backups frequently. In case your servers do get stolen, at least you will be able to restore the lost data once your replacement hardware is up and running.

It might be worth to keep in mind that even with great security measures in place, an office or data center might still end up getting robbed. If criminals can rob banks, they can surely gain access to a data center, as the examples above have shown.

Conclusion

Though this is definitely not our expertise, the fact that computer hardware is being stolen on a wide and regular basis indicates that it has good value on the black market. You therefore need to take strong precautions to protect both your servers and your data.

Also, if you are buying second-hand server equipment, you might want to try to make sure that it’s from a legitimate source. You don’t want to end up with stolen goods.

Trailblazers, creatives and innovators have taken the Internet to where it is today and made it an essential part of our everyday lives. We have selected a number of interesting “firsts” from the history of the Internet (and the Web) for your reading pleasure.

Read more

Facebook has announced that it now has 400 million active users. Just one year ago Facebook had 150 million users, so 2009 was an incredible year for the social media giant.

There can be no doubt that Facebook is pretty much unstoppable at the moment, a real juggernaut. For some perspective on Facebook’s amazing growth, we have put together this infographic. We hope you’ll enjoy it!

Read more

Sometimes you want an easy way to share your Pingdom monitoring data with others. So far we’ve had public report pages that you can use, but now we’ve added one more sharing method that is very flexible and easy to use.

Enter our new “report banners”.

Read more

Unless you’ve been hiding under a rock lately, you’ll know that last week Apple announced the iPad, its new tablet device. Reactions have been a mixed bag, and a storm of discussion has swept through the blogosphere about various features the iPad should or shouldn’t have had.

One of the main complaints so far has been the iPad’s lack of multitasking. (To be precise, multitasking is a bit of a misnomer here; the iPhone OS has multitasking. What people really mean is only allowing one app at a time to run.)

Read more

The tech industry is littered with billionaires. We all enjoy a good income, but some clearly have earned more than others. Much, much more. The question is, how much money do the really big names in tech actually have?

To find out, we went through the Forbes 400, a list of the wealthiest Americans, and filtered out the people who work within the tech field, or more specifically: IT.

So here they are, the 20 richest Americans in tech today.

Read more