Re: Data Center Theft

2007-12-04 Thread Timothy Sipples
Ed Gould writes:
>Please let us know that the DS6000 is capable of remote mirroring
>and that it can indeed be done.

It is, and it can, yes. It does support Metro Mirror/PPRC and Global
Mirror/XRC. You need two (or more) of them for mirroring of course.

- - - - -
Timothy Sipples
IBM Consulting Enterprise Software Architect
Specializing in Software Architectures Related to System z
Based in Tokyo, Serving IBM Japan and IBM Asia-Pacific
E-Mail: [EMAIL PROTECTED]

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html


Re: Data Center Theft

2007-12-02 Thread Anne & Lynn Wheeler
The following message is a courtesy copy of an article
that has been posted to bit.listserv.ibm-main,alt.folklore.computers as well.


[EMAIL PROTECTED] (Timothy Sipples) writes:
> In fairness, the DS6000 is physically relatively small, although I wouldn't
> want to carry one by myself on my bicycle.  The spindles (individual
> drives) are even smaller, but you'd need a number of them to have a RAID
> set and the complete data.  Tough but not impossible.
>
> I think the IT marketplace is in for a shock when people figure out that
> losing the keys means losing the data.  It isn't like a bank vault where
> you can hire a locksmith to drill some holes over several days.  It's so
> critical to store and manage the encryption keys in a safe, secure,
> recoverable repository.

can you say "key escrow"? ... this was one of the themes from the "key
escrow" meetings from the mid-90s. however, there was a lot of confusion
about what "key escrow" meant, i.e.

1) gov. held all keys?
2) institutions holding keys for their own data encryption (as an
availability, business continuity and no-single-point-of-failure)?
3) all kinds of keys?, authentication as well as encryption

"1" got lots of bad press including all the swirl around clipper chip
and things like LEAF

"3" authentication keys aren't really an availability issue ... and
could violate some basic security principles regarding being able to
associate all activities uniquely with individuals.

with all the bad press ... various key escrow activities sort of just
evaporated

wiki reference:
http://en.wikipedia.org/wiki/Key_escrow

nist references
http://csrc.nist.gov/keyrecovery/

misc. past posts mentioning key escrow
http://www.garlic.com/~lynn/aadsm9.htm#pkcs12 A PKI Question: PKCS11-> PKCS12
http://www.garlic.com/~lynn/aadsm16.htm#11 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
http://www.garlic.com/~lynn/aadsm18.htm#12 dual-use digital signature vulnerability
http://www.garlic.com/~lynn/aadsm23.htm#6 PGP "master keys"
http://www.garlic.com/~lynn/2001c.html#65 Key Recovery System/Product
http://www.garlic.com/~lynn/2001h.html#7 PKI/Digital signature doesn't work
http://www.garlic.com/~lynn/2001i.html#36 Net banking, is it safe???
http://www.garlic.com/~lynn/2001j.html#52 Are client certificates really secure?
http://www.garlic.com/~lynn/2002d.html#39 PKI Implementation
http://www.garlic.com/~lynn/2003j.html#53 public key confusion
http://www.garlic.com/~lynn/2004i.html#12 New Method for Authenticated Public Key Exchange without Digital Certificates
http://www.garlic.com/~lynn/2006d.html#39 transputers again was Re: The demise of Commodore
http://www.garlic.com/~lynn/2006d.html#40 transputers again was Re: The demise of Commodore
http://www.garlic.com/~lynn/2007c.html#1 Decoding the encryption puzzle



Re: Data Center Theft

2007-12-02 Thread Ed Gould

On Dec 2, 2007, at 4:30 AM, Timothy Sipples wrote:

> In fairness, the DS6000 is physically relatively small, although I wouldn't
> want to carry one by myself on my bicycle.  The spindles (individual
> drives) are even smaller, but you'd need a number of them to have a RAID
> set and the complete data.  Tough but not impossible.
>
> I think the IT marketplace is in for a shock when people figure out that
> losing the keys means losing the data.  It isn't like a bank vault where
> you can hire a locksmith to drill some holes over several days.  It's so
> critical to store and manage the encryption keys in a safe, secure,
> recoverable repository.




Timothy,

Maybe theft would be one threat but destruction of the keys disk file
(poor description I am sure) would accomplish the same thing. Say
exposure to EMC pulse (the type that occurs after a nuclear bomb)
would be enough? The threat of an explosion is almost as bad as the
real occurrence, hold you up for nuclear blackmail.


Please let us know that the DS6000 is capable of remote mirroring
and that it can indeed be done.


Ed



Re: Data Center Theft

2007-12-02 Thread Timothy Sipples
In fairness, the DS6000 is physically relatively small, although I wouldn't
want to carry one by myself on my bicycle.  The spindles (individual
drives) are even smaller, but you'd need a number of them to have a RAID
set and the complete data.  Tough but not impossible.

I think the IT marketplace is in for a shock when people figure out that
losing the keys means losing the data.  It isn't like a bank vault where
you can hire a locksmith to drill some holes over several days.  It's so
critical to store and manage the encryption keys in a safe, secure,
recoverable repository.

- - - - -
Timothy Sipples
IBM Consulting Enterprise Software Architect
Specializing in Software Architectures Related to System z
Based in Tokyo, Serving IBM Japan and IBM Asia-Pacific
E-Mail: [EMAIL PROTECTED]


Re: Data Center Theft

2007-12-01 Thread R.S.

Eric Bielefeld wrote:
> I seriously doubt if you could steal a mainframe very easily.  As soon
> as the power was turned off, at least if it was running and in use,
> hundreds of users would complain.  Also, most mainframes are in locked
> areas.  A laptop in a bag would be easier to steal, as so many people
> carry them around.


IMHO it is not a good argument.
1. Any machine can be in use, so stealing of a small Eth switch can
influence many users.
2. Weight of z9BC (or EC) is irrelevant since it doesn't contain dasd.
Notebooks inside do contain disk, but we know, there's no business data
on it.
3. Weight and other parameters of DASD array can be exactly the same for
distributed systems and mainframe. When we're talking about data theft
(disks), server size is irrelevant.
4. For sure single disk modules can be stolen and carried by a "not-very
strong" man. It can contain the most secure data from mainframe, as well
as some office junk (funny picture, movies, etc.).
5. Data center should be well secured. Means of security should be
adequate to the "range" of data processed, not the platform used.
6. Even if the machine is really too heavy to be stolen, it's still
possible to switch it off. That's why any intruder in server room is a
big problem. Still, regardless of the platform.
7. Even smallest PC can be welded up to the rack. Closed enclosure, hard
to open. The rack filled with blades could be heavier than z9BC.
...which is irrelevant if we really care about our data center.



--
Radoslaw Skorupka
Lodz, Poland




Re: Data Center Theft

2007-11-30 Thread Ed Gould

On Nov 30, 2007, at 11:35 AM, Eric Bielefeld wrote:

> I seriously doubt if you could steal a mainframe very easily.  As
> soon as the power was turned off, at least if it was running and in
> use, hundreds of users would complain.  Also, most mainframes are
> in locked areas.  A laptop in a bag would be easier to steal, as so
> many people carry them around.
>
> Eric Bielefeld
> Sr. z/OS Systems Programmer
> Milwaukee, Wisconsin
> 414-475-7434

Well, Hercules can run on a laptop, no?

Ed



Re: Hardware encryption question(was Data Center Theft)

2007-11-30 Thread Russell Witt
Herbie,

3592 encryption IS available; but the keys are stored in one of a couple of
different places. The EKM (the IBM Key Manager) can store them in its own
database (running on a unix/linux box or even on z/OS) or in the security
system (RACF/ACF2/Top Secret) database. So stealing a tape drive plus the
cartridges won't help; you would need to steal the correct server plus the
cartridges.

Russell Witt
CA-1 L2 Support Manager

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED]
Behalf Of Van Dalsen, Herbie
Sent: Friday, November 30, 2007 1:33 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Hardware encryption question(was Data Center Theft)


That is probably the reason that our auditors decided that we should
implement an encryption package on a different server, in the second
server room, to do the encryption on all UNIX and NT servers (which can
be shifted by a single man). They claim that it is useless to have the
decryption code on the same device as the physical disk that is being
encrypted... until the network link to both the encryption servers are
down...

My question is this... if hardware encryption becomes available on
3590/2's will the encryption be programmed, and how will the DR site
cope...

Regards

Herbie



Hardware encryption question(was Data Center Theft)

2007-11-30 Thread Van Dalsen, Herbie
That is probably the reason that our auditors decided that we should
implement an encryption package on a different server, in the second
server room, to do the encryption on all UNIX and NT servers (which can
be shifted by a single man). They claim that it is useless to have the
decryption code on the same device as the physical disk that is being
encrypted... until the network link to both the encryption servers are
down...

My question is this... if hardware encryption becomes available on
3590/2's will the encryption be programmed, and how will the DR site
cope...

Regards

Herbie

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of McKown, John
Sent: 30 November 2007 18:58
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Data Center Theft

> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Schwarz, Barry A
> Sent: Friday, November 30, 2007 12:49 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: Data Center Theft
> 
> 
> It took four of us to push our new minimum sized z9 into the freight
> elevator.  Anyone strong enough to steal it solo could probably make
> more money playing American football a dozen weekends a year.
> 

I watch the "World's Strongest Man" competition at times. Each of those
guys could likely bench press the z9BC we have with NO problems. One of
them pulled a locomotive across a trestle once. My back was in agony the
entire time, in sympathy!

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology



Re: Data Center Theft

2007-11-30 Thread William Donzelli
> It took four of us to push our new minimum sized z9 into the freight
> elevator.  Anyone strong enough to steal it solo could probably make
> more money playing American football a dozen weekends a year.

It is not all that hard to move this big iron around* solo, I do it
all the time. Just two hours ago I took a 3990 off my flatbed trailer
using a pair of come-alongs and nylon straps. And I am not winded at
all. Moving these things safely and quickly just requires a little
thought. Giving the casters a shot of lube helps a lot as well.

*Except for Burroughs, and their dimestore casters.

--
Will



Re: Data Center Theft

2007-11-30 Thread McKown, John
> -Original Message-
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Schwarz, Barry A
> Sent: Friday, November 30, 2007 12:49 PM
> To: IBM-MAIN@BAMA.UA.EDU
> Subject: Re: Data Center Theft
> 
> 
> It took four of us to push our new minimum sized z9 into the freight
> elevator.  Anyone strong enough to steal it solo could probably make
> more money playing American football a dozen weekends a year.
> 

I watch the "World's Strongest Man" competition at times. Each of those
guys could likely bench press the z9BC we have with NO problems. One of
them pulled a locomotive across a trestle once. My back was in agony the
entire time, in sympathy!

--
John McKown
Senior Systems Programmer
HealthMarkets
Keeping the Promise of Affordable Coverage
Administrative Services Group
Information Technology



Re: Data Center Theft

2007-11-30 Thread Schwarz, Barry A
It took four of us to push our new minimum sized z9 into the freight
elevator.  Anyone strong enough to steal it solo could probably make
more money playing American football a dozen weekends a year.

-Original Message-
From: Clark Morris [mailto:snip] 
Sent: Friday, November 30, 2007 8:11 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: Data Center Theft

These days I suspect that both the mainframe and storage units would be
relatively easy to steal.



Re: Data Center Theft

2007-11-30 Thread Eric Bielefeld
I seriously doubt if you could steal a mainframe very easily.  As soon as 
the power was turned off, at least if it was running and in use, hundreds of 
users would complain.  Also, most mainframes are in locked areas.  A laptop 
in a bag would be easier to steal, as so many people carry them around.


Eric Bielefeld
Sr. z/OS Systems Programmer
Milwaukee, Wisconsin
414-475-7434

- Original Message - 
From: "Clark Morris" <[EMAIL PROTECTED]>


These days I suspect that both the mainframe and storage units would
be relatively easy to steal.


Martin

Martin Packer 




Re: Data Center Theft

2007-11-30 Thread Clark Morris
On 20 Nov 2007 00:32:26 -0800, in bit.listserv.ibm-main you wrote:

>Another case of "don't trust a machine you can lift"?  :-)

These days I suspect that both the mainframe and storage units would
be relatively easy to steal.
>
>Martin
>
>Martin Packer
>Performance Consultant
>IBM United Kingdom Ltd
>+44-20-8832-5167
>+44-7802-245-584
>[EMAIL PROTECTED]


Re: Data Center Theft

2007-11-21 Thread Shmuel Metz (Seymour J.)
In <[EMAIL PROTECTED]>, on 11/20/2007
   at 12:09 AM, Ed Gould <[EMAIL PROTECTED]> said:

>Colocation providers reflect on robbery at CI Host

Chickens coming home to roost? Google for "C I Host" or "CIHOST" in
news.admin.net-abuse.* and then ask whether anybody is surprised.
 
-- 
 Shmuel (Seymour J.) Metz, SysProg and JOAT
 ISO position; see  
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)



Re: Data Center Theft

2007-11-20 Thread A L Hughes
The British Government has just admitted that it has 'lost' information
relating to 25 million people (about 41% of the population of the UK).

http://news.bbc.co.uk/2/hi/uk_news/politics/7103566.stm

I recall all those 'consultants' telling the Government all those years back
that 'client-server' was the way forward, and to get rid of the mainframe.
Wherefore art thou, IBM?





Re: Data Center Theft

2007-11-20 Thread Ed Finnell
 
In a message dated 11/20/2007 9:15:44 A.M. Central Standard Time,
[EMAIL PROTECTED] writes:

> placed theirs in for days. That is inexcusable, and anyone that would
> continue to do business with the company after behavior like that needs
> their head examined!

After the suits get thru slicing and dicing, doubt they'll survive.





Re: Data Center Theft

2007-11-20 Thread daver++
I am in complete agreement with the last couple paragraphs of this
article. If you get hit, you get hit. You take your lumps, evaluate what
went wrong, change security and procedures. You communicate this to your
clients, and maybe you lose some, maybe you don't. You _absolutely_ do
NOT lie to your customers, and put them in the positions that CI Host
placed theirs in for days. That is inexcusable, and anyone that would
continue to do business with the company after behavior like that needs
their head examined!

>  Original Message 
> Subject: Data Center Theft
> From: Ed Gould <[EMAIL PROTECTED]>
> Date: Tue, November 20, 2007 1:09 am
> To: IBM-MAIN@BAMA.UA.EDU
> 
> 
> Colocation providers reflect on robbery at CI Host
> 
> By Bridget Botelho, News Writer
> 08 Nov 2007 | SearchDataCenter.com
> 
> Chicago-based CI Host is a legitimate company, providing more than  
> 250,000 consumers and small and medium-sized business in 190  
> countries with managed Web hosting, dedicated server and colocation  
> services. So how is it possible that the facility has been robbed  
> four times in the past two years?
> 
> According to reports, CI Host's night manager was attacked last week  
> by intruders and assaulted with a Taser and blunt object. The  
> perpetrators then stole at least 20 servers belonging to CI Host and  
> its customers.
> This event took place despite the company's Web site pledge to  
> customers of its Family Colocation service: "Your machine will be  
> housed inside a secured shared colocation area."
> 
> I told CI Host I was coming to pick up my servers. That's when I  
> found out my servers were stolen.
> Nick Krapf, president, BloodServers.com
> 
> According to a published report, CI Host chief corporate counsel  
> James Eckels hinted that the robbery might have been an inside job,  
> saying, "The thieves were likely familiar with the building layout,  
> the company's operations and the technology involved."
> 
> Statistics from Migration Solutions, a data center consultancy,  
> suggest that the possibility is quite likely. Migration Solutions  
> estimates that acts of theft, fraud and vandalism in the data center  
> are three times more likely to be the result of an inside job than to  
> be the work of an outsider. And about 65% of data center security  
> breaches and other incidents are driven by malicious intent rather  
> than economic gain, executed by disgruntled current or ex-employees,  
> according to Migration Solutions.
> 
> Several angry CI Host customers have discussed the possibility of  
> filing a lawsuit against the colocation provider for its negligence  
> and failure to communicate the theft until days after it happened.
> 
> Nick Krapf, president of the gaming network site BloodServers.com,  
> said the incident in Chicago cost him $15,000 in servers and a  
> damaging hit to his customer base, which didn't have service for at  
> least three days. But the worst part was the company's failure to  
> communicate, he said. "At first, we were told the servers went down  
> due to a power issue. ... I told CI Host I was coming to pick up my  
> servers. That's when I found out my servers were stolen."
> 
> Security lessons for users and providers
>
> At press time, CI Host had not responded to questions about how the
> security breach occurred and how it would compensate customers, but
> other colocation providers had plenty to say.
>
> According to Chris Crosby, senior vice president at Digital Realty
> Trust, "Security is a paramount issue for customers with
> installations in colocation facilities. It is overwhelmingly the most
> important thing they are seeking in a facility with 80% of customers
> ranking it No. 1."
>
> Knowing this, Digital Realty uses a multilayer security protocol to
> protect all its facilities. A four-level access control system is the
> foundation of the system, limiting access to the facility to
> authorized people. The facilities also have a check-in system that
> tracks everyone who is in the facility and limits the areas that they
> are approved to be in. There are also biometric access points to
> equipment areas where customer installations and other critical
> systems are housed, he said.
>
> Similarly, the Planet, a Houston-based company that owns and operates
> six data centers containing more than 40,000 servers, said that it
> has instituted strict security procedures. "Any time people come in
> and out of our facility -- bringing equipment in or out -- they have
> to go through the multiple points of security every time," said
> Yvonne Donaldson

Re: Data Center Theft

2007-11-20 Thread Martin Packer
Another case of "don't trust a machine you can lift"?  :-)

Martin

Martin Packer
Performance Consultant
IBM United Kingdom Ltd
+44-20-8832-5167
+44-7802-245-584
[EMAIL PROTECTED]









Data Center Theft

2007-11-19 Thread Ed Gould

Colocation providers reflect on robbery at CI Host

By Bridget Botelho, News Writer
08 Nov 2007 | SearchDataCenter.com

Chicago-based CI Host is a legitimate company, providing more than  
250,000 consumers and small and medium-sized business in 190  
countries with managed Web hosting, dedicated server and colocation  
services. So how is it possible that the facility has been robbed  
four times in the past two years?


According to reports, CI Host's night manager was attacked last week  
by intruders and assaulted with a Taser and blunt object. The  
perpetrators then stole at least 20 servers belonging to CI Host and  
its customers.
This event took place despite the company's Web site pledge to  
customers of its Family Colocation service: "Your machine will be  
housed inside a secured shared colocation area."


I told CI Host I was coming to pick up my servers. That's when I  
found out my servers were stolen.

Nick Krapf, president, BloodServers.com

According to a published report, CI Host chief corporate counsel  
James Eckels hinted that the robbery might have been an inside job,  
saying, "The thieves were likely familiar with the building layout,  
the company's operations and the technology involved."


Statistics from Migration Solutions, a data center consultancy,  
suggest that the possibility is quite likely. Migration Solutions  
estimates that acts of theft, fraud and vandalism in the data center  
are three times more likely to be the result of an inside job than to  
be the work of an outsider. And about 65% of data center security  
breaches and other incidents are driven by malicious intent rather  
than economic gain, executed by disgruntled current or ex-employees,  
according to Migration Solutions.


Several angry CI Host customers have discussed the possibility of  
filing a lawsuit against the colocation provider for its negligence  
and failure to communicate the theft until days after it happened.


Nick Krapf, president of the gaming network site BloodServers.com,  
said the incident in Chicago cost him $15,000 in servers and a  
damaging hit to his customer base, which didn't have service for at  
least three days. But the worst part was the company's failure to  
communicate, he said. "At first, we were told the servers went down  
due to a power issue. ... I told CI Host I was coming to pick up my  
servers. That's when I found out my servers were stolen."


Security lessons for users and providers

At press time, CI Host had not responded to questions about how the
security breach occurred and how it would compensate customers, but
other colocation providers had plenty to say.

According to Chris Crosby, senior vice president at Digital Realty
Trust, "Security is a paramount issue for customers with
installations in colocation facilities. It is overwhelmingly the most
important thing they are seeking in a facility with 80% of customers
ranking it No. 1."

Knowing this, Digital Realty uses a multilayer security protocol to
protect all its facilities. A four-level access control system is the
foundation of the system, limiting access to the facility to
authorized people. The facilities also have a check-in system that
tracks everyone who is in the facility and limits the areas that they
are approved to be in. There are also biometric access points to
equipment areas where customer installations and other critical
systems are housed, he said.

Similarly, the Planet, a Houston-based company that owns and operates
six data centers containing more than 40,000 servers, said that it
has instituted strict security procedures. "Any time people come in
and out of our facility -- bringing equipment in or out -- they have
to go through the multiple points of security every time," said
Yvonne Donaldson, director, public relations at the Planet.

"Customers should expect this kind of access control system in any
facility they are affiliated with," Crosby said.

Unfortunately, many data center facilities make a show of security
but don't really stand up to serious scrutiny, said Chuck Goolsbee,
blogger and vice president of Tech Ops at Seattle-based colocation
facility digital.forest. "The 'rent-a-cop' types that they hire to
work there are not really qualified to act as security gatekeepers.
Minimum wage … and complete ignorance with regards to the equipment
they are charged with guarding is what I've seen, at major players
from Exodus (RIP) to InterNAP."

When worst comes to worst

Obviously CI Host should have had certain controls in place to
mitigate its security risk, but the reality is that it's quite
difficult to create a break-in-proof facility, said Aaron Sawchuk,
co-founder of the Massachusetts-based ColoSpace.


"This event certainly has encouraged us to re-examine the physical  
security at all of our sites. We review these practices on a regular  
basis anyway, but we will be paying special attention to things like  
co