The battle is heating up and the costs are staggering. In a recent Information Week article entitled Banks Hit Downtime Milestone in DDoS Attacks, it was reported that U.S. banks and financial services institutions have reported double the downtime of their websites compared to a year ago. And, with the much publicized accusations against the Iranian Government for sponsoring DDoS attacks on U.S. Banks, the impact may be felt for some time. It’s not just banks and financial institutions at risk, anyone with a web presence can be impacted. So, if you aren’t protected you may end of paying a stiff price in terms of business interruption and possibly lost customers, revenue and reputation.
DDoS Defined
Simply put, Distributed Denial-of-Service (DDoS) is an attempt to make a machine or network resource unavailable to its intended users. There are many ways to do this and they all have the same effect of generating an overwhelming amount of traffic to web servers so that they become unresponsive to their intended users. This is not to be confused with a security breach where hackers gain access to an organizations IT infrastructure to capture sensitive information and cause damage. However, a DDoS attack could be a starting point for those intent on causing harm.
DDoS Protection
Protection starts with recognition that you are vulnerable. Once you have that you can create a plan to do something about it. Start with DDoS mitigation that uses advanced technology to distinguish between good and bad traffic, permitting the good “clean” traffic through, and dropping the “dirty” bad traffic. Without DDoS mitigation, you have two basic options. Option 1: Wait for the attack to end. Keep in mind that during the attack your customers can’t access your website, and perhaps there are other problems, like your staff not being able to manage your servers or access corporate information, clearly not a great option. Option 2: Take down the attacked web server(s). This actually completes the intention of the attack, but the benefit is that your employees are no longer prevented from managing the other servers or accessing other corporate information. Clearly your options aren’t great without DDoS mitigation that will permit your website to continue serving customers as if the attack weren’t happening at all (depending on the type of DDoS attack and the type of mitigation used, your mileage may vary).
The Bottom Line
DDoS protection is no longer a nice-to-have, if your business depends on the availability and performance of Internet based applications you have to be protected or risk losing customers, revenues and reputation. DDoS protection is now a cost of doing business, just like paying for any other part of your IT infrastructure. Here’s a little something to think about, not having DDoS protection is like building a world-class IT infrastructure that runs your mission-critical applications over dialup. You may not be old enough to remember dialup so let’s put it another way, imagine your customers trying to login to your website and it taking 5 minutes just to enter their username…any questions? If you’d like to learn how Data Foundry can help you, please contact us for more information.
Imagine that Hurricane Sandy came knocking at your door. Would your IT infrastructure be safe? Would your staff have a suitable workspace to continue operations? Don’t let your business be a victim of a disaster as some experienced in New York and New Jersey when their cooling systems were forced to power down and flooding killed their network. These events are further explained in an article entitled In Sandy’s Aftermath, Epic Challenges for Data Centers about some of the effects Hurricane Sandy had on data centers. To ensure that your disaster recovery strategy can withstand the test of a disaster, here are four important items to consider.
Safe Zone Location
Your disaster recovery site should be located in a so called low incident zone in the United States. This is an area that has a low risk for natural disasters. If you select such a location for your disaster recovery site you can be reassured that your data will not only be secure, but your IT infrastructure will also be safe from possible flooding or overheating.
Worksite Recovery
Your disaster recovery strategy should include a safe zone, not only for your data and IT infrastructure, but for your staff as well. Planning for worksite recovery can ensure that if a disaster affects your business you can continue operations at a data center that provides you with a stable environment, not affected by the disaster.
Onsite Support 24x7x365
In case your staff cannot get to your disaster recovery site quickly, make sure your recovery plan includes the availability of trained IT staff that can assist you with all of your support and maintenance needs. Ideally your disaster recovery site should have highly qualified support personnel available 24x7x365.
Network Services
Network services that provide access to several carriers at once ensures the most reliable routing for your network connectivity. Such built-in redundancy will allow you to not only use the carrier of your choice, but have backup as well, should your primary carrier suffer an outage because of the disaster.
The Bottom Line: When it comes to your disaster recovery strategy, if you do nothing else you should ensure that your disaster recovery site is located in a safe zone. Otherwise, your disaster recovery strategy could very well end in disaster.
Colocation providers are eager to help you make the right choice in selecting a data center (hint – we all believe our data center is the right choice). Most colocation providers will supply you with a checklist to make sure you understand all of the features we think you should evaluate in order to make an informed decision. This is good stuff and actually quite useful!
In the end we are all trying to make sure your IT infrastructure will have a happy home in our data center. It’s like when your child leaves home for college; you want to make sure he/she will have everything needed to thrive – from a safe and secure roof over their head to a reasonable diet to roommates they can trust. We essentially want the same thing for your IT infrastructure while it is under our roof.
Let’s examine some potential red flags for selecting a colocation provider:
- The Tour: Would you send your child to a college that you didn’t visit first? Putting your IT infrastructure in a data center without first seeing it is very similar. Red flag if your company is considering a data center that no one in your organization has visited.
- 7x24x365: Make sure it really means 7x24x365. Some data centers require appointments in order for you to visit your IT infrastructure, especially if you want to do this after hours. By the way, most of your work is likely to be done after hours so this could be a major red flag. Data centers like this, known as “dark sites” typically have people on-call so when you need to work after hours they send someone in to unlock the doors and turn the lights on. Red flag if the facility doesn’t have on-site staff 7x24x365.
- Network Services: Performance and availability are of paramount importance to your success so your colocation provider should offer a blended Internet service that provides access to a minimum of four carriers at once. Ideally you’ll want carrier-neutral access to your choice of network carriers in order to have the most flexibility possible. Red flag if your colocation provider is not carrier-neutral.
The Bottom Line: You’ll want to pay attention to the red flags listed above in vetting colocation providers to make sure your IT infrastructure is safe, secure, and provided with the nurturing needed to thrive. If you are betting your business on your IT infrastructure you should use a colocation provider that is as passionate about their business as you are about yours.
Let’s start by talking about why this is even a topic for discussion. It all comes down to the desire to have successful data center outsourcing initiatives – whether you are looking to completely outsource your data center operations or just pieces of them. Nobody goes into a project expecting failure yet there are plenty of stories about best efforts that went wrong, sometimes very wrong, like Texas Ousts IBM, Takes New IT Outsourcing Tack. To be fair, the majority of organizations looking to outsource all or part of their mission-critical infrastructure won’t have to deal with the scale and complexity of the state of Texas. Where, as we know, everything is bigger. However, I think you would agree that your IT infrastructure is no less important…to you!
Let’s get back to what we mean by “experience-based”. In a nutshell we are talking about the key to a successful data center services provider relationship. Yes, we mean relationship. If you aren’t looking for a relationship with your data center services provider you will probably be looking for a new provider – sooner or later.
There are two key elements to “experience-based” that differentiate data center outsourcing service providers; technical experience and customer experience. Technical experience means the long track record of been-there-and-done-that level of competence that ensures the provider knows what they are doing. You can spot this by understanding the tenure of the people working for the provider, the maturity of their processes (especially on-boarding), as well as certifications like SSAE 16. The second element, customer experience is the level of customer satisfaction that indicates the provider is someone you want to do business with. You can spot this through customer references that speak to their level of satisfaction with the providers’ customer service and support. You can’t have one without the other, they are both required and are what set the best-in-class service providers apart from the masses.
The Bottom Line: “Experience-based” as defined above is important to ensure the success of any relationship you might have with your data center provider. You can identify the best-of-breed with a few pointed questions like: How long have you been in business? How many customers like me have you implemented? What is your churn rate? How frequently does ownership of the company change? Be careful of organizations that have changed ownership every few years, the chances are high that they haven’t been able to retain the experience needed to support the infrastructure you are betting your business on.
Hurricane Sandy served as a stark reminder that we should always be prepared for the unexpected. Following this type of disaster, we are forced to reassess our understanding of how certain areas are affected by natural disasters. Red Cross, NOAA and NRC have developed a basic risk level for almost every part of the US. We commonly use the map below to illustrate how safe Austin, TX is for data center operations.
Read More ›
Texas 1 is designed to ensure continuous uptime and availability for your IT infrastructure. In our latest blog entry, we explore the costs of downtime.
A 2011 Ponemon Institute study, “Calculating the Cost of Data Center Outages”, analyzed costs at 41 data centers to try and identify the costs of downtime. Some of the more relevant facts include:
- Average cost of data center downtime is $5,600 per minute.
- The average reported incident length was 90 minutes, resulting in average cost per incident of approximately $505,500.
- For a total data center outage, which had an average recovery time of 134 minutes, average costs were approximately $680,000.
- For a partial data center outage, which averaged 59 minutes in length, average costs were approximately $258,000.
Read More ›
Tuesday night’s Data Center World “After Party”, hosted by Data Foundry, Opengate and DCS, was a success for everyone involved.
A packed room of data center professionals was in attendance to relax and discuss the wide range of topics presented at this year’s Data Center World 2012. Included in this year’s presentations was Data Foundry’s own Cameron Wynne, AFCOM’s 2012 Data Center Manager of the Year, who presented on ‘Overcoming Project Hurdles Using Proven Project Methodologies’. Thanks to each of you that stopped by and let us know how much you appreciated his presentation. We look forward to seeing everyone at Data Center World 2013.
Read More ›
Roughly 35 AFCOM members attended the 2012 Greater Houston AFCOM Chapter Meeting last Thursday. During the luncheon, Data Foundry’s Cameron Wynne, Vice President of Operations and current AFCOM Data Center Manager of the Year, gave a presentation on Overcoming Project Hurdles. Cameron covered issues on avoiding and minimizing the inherent risks involved in constructing and managing state-of-the-art colocation data centers.
“It was great to have so many Houston area companies at this event,” states Cameron. “As a long-standing member of AFCOM, we were excited about the opportunity to host the Houston chapter. It’s an honor to be named the Data Center Manager of the year and to be able to speak to a group of my peers about my past experiences building and managing data centers.”
Cameron also plans to address attendees at Data Center World Fall in Nashville, TN on October 1st at 1:15 p.m. AFCOM’s Data Center World is the premier international conference for data center and facilities managers held every year. More event details and registration can be found here.
P.S. Don’t forget to check out the Data Center World After Party on October 2nd.
Read More ›
Mark your calendars! Data Foundry, Opengate and DCS will be hosting a cocktail party at Ravello’s restaurant in the Garden Conservatory Gaylord Opryland on Tuesday, October 2nd from 6:30pm – 10pm. Join us after Data Center World to mingle with your peers over drinks and hors d’oeuvres. AFCOM Data Center Manager of the Year, Cameron Wynne will also be in attendance!
Contact your Data Foundry Sales Rep to receive an exclusive invitation. Entrance is by RSVP only.
Downed Power Lines
According to the Edison Electric Institute, the top five causes of power outages in the United States are:
- Mother Nature – More than half of all power outages across the U.S. are caused by nature. High winds, lightning, ice and heavy rains can affect an aboveground power line directly or indirectly by causing trees or other debris to strike it. Overgrown vegetation can also short out aboveground equipment.
- Automobile Accidents – Over five percent of all power outages are caused by a vehicle striking an electrical pole or transformer.
- Wildlife – A smaller percentage of power outages is caused by animals coming in contact with the line or equipment, causing it to fail.
- Construction – Whether new construction or maintenance, cranes and dig-ins are another major threat to the power supply.
- Fire – Aboveground feeds are vulnerable to fire destroying equipment at any point along the line’s path.
Construction workers lay electrical conduit 4 feet underground.
By deploying an underground power feed, Texas 1 avoids being affected by the risks listed above. By encasing the feed in concrete, we’ve added an additional layer to protect against digging, boring, and tree root growth. Our objective is to provide our customers with the best, most reliable data center for mission-critical operation. In fact, the entire power infrastructure at Texas 1 has been constructed to provide a constant and consistent level of power. For more information regarding the Texas 1 power infrastructure, visit the Texas 1 power page.
