
5 fundamental principles to protect Data Centers taken from Nuclear Weapon stocks security

Published: July 20, 2021 By Dmytro Cherkashyn

The 21st century requires treating data as a strategic weapon of mass destruction

Image source - Shutterstock

Data theft or Nuclear Weapon Theft? I am not sure which is worse today.

Protection of modern Data Centers is not an easy task at all. The value of data stored there could be equal to the budget of some countries, so companies really care about protection measures.

Since the nuclear race story started a little earlier than the informational war, best practices for the security of Nuclear Weapon stocks were implemented and exercised many decades before operators of Data Centers implemented some of them into the civilian area.

 

How does the security of Nuclear Weapons apply to Data Centers?

Let’s start with some classical stuff, namely information security goals. They are fundamental principles of IT security but also very easy to map onto strategic Nuclear Weapons security.

Confidentiality, availability and integrity are the three IT security goals

  • Confidentiality. We know that it could be quite expensive when somebody's personal data, commercial secrets, or other strategically important information are stolen or leaked. Confidentiality of Nuclear Weapon stock has the same issue. It always was, it is, and it will be a very sensitive subject. Any information leak could disturb the balance in the geopolitical arena.
  • Integrity. Any malicious changes to data integrity can cause chaos on the local or even international level. At the same time, the introduction of any alteration to physical elements of a Nuclear Weapon or its informational components can lead to unpredictable consequences, which makes this a very critical goal.
  • Availability. During the cold war, strategic Nuclear Weapon bases were only weights on the scale of peace. Sudden unavailability of any of these bases could cause a Third World War, but this time without a winner. The value of data also can be only assessed when authorized persons have access to it at any time. In modern enterprise-level data centers, downtime for the average server does not exceed half an hour per year.

Now we know for certain that the fundamental goals of security are compatible between two such different sectors. So, what did Data Centers actually borrow from Nuclear Weapon protection strategies?

I identify the following five fundamentals, although the selection may be somewhat subjective and shaped by my experience.

  1. Strict access control
  2. Defense-in-Depth
  3. Balanced protections
  4. Graded approach
  5. Four eyes principle

Let’s look closer at their meaning.

Strict access control

You might have heard about access control procedures to the heart of Data Centers, and you would be stunned by how close they are to those at Nuclear sites.

Of course, this is not the only element of physical protection at Data Centers.

  1. To be effective, the access control system should be extended, at least with Video Surveillance and Intrusion detection systems.
  2. The vetting process for each employee with access rights is essential.
  3. The need-to-know rule is applied here at its best.

Biometric access control systems on Server Farm hall and access point to Nuclear site

Image source – pinterest.com

Defense-in-Depth

This principle can be presented in many different ways with slightly different pictures of layers. Still, I found one below ideal for our brief comparison purposes.

The idea of defense-in-depth came from the fact that you can't prevent a breach or intrusion into the site by a highly motivated and well-equipped team of attackers. The only thing you can do is extend their timeline on the way to the main target.

To that end, they should have to overcome or destroy several layers of protection on their way.

Defense-in-depth applied to Vital area of nuclear facility

Image source – jnfl.co.jp

It is worth saying that a response to an attack can succeed only if it includes a physical response. Law enforcement should be ready to arrive on alarm within a time shorter than the intruders need to perform and complete their attack.

For example, you have measured the time needed for your hypothetical attacker to break into the server room, which equals 7 minutes. External or internal response groups should detect an attack, intercept, and neutralize the attacker, all within this period. Otherwise, it will be impossible to prevent damage.

This can be critical, especially in the case of sabotage. Attackers will need only to enter and reach the target without the need to leave the site with some materials or information stolen.

Defense-in-depth applied to protection of Data Centers

Image source – isa.org

Balanced protections

This one is straightforward to grasp.

It states that regardless of the attacker's way toward the goal, he should meet an equally effective set of barriers and constraints. In practice, this means an equal delay time through the physical barriers.

Imagine a solid wall with a door and windows, where the windows have only a single layer of glass and nothing more, whereas the door is hardened according to the best practices of Nuclear Bunkers.

That's it: the system described above is not balanced.

Balanced security explained on layers of security perimeter and approaches to break in

Image source – slideshare.net
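
Added example (not from the original article): a small Python model of the response-time race from the Defense-in-Depth section and the equal-delay requirement of balanced protection. The barrier names, delay values, the 300-second response time and the 25% balance tolerance are constructed assumptions; only the 7-minute total of the door path mirrors the article's example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Barrier:
    name: str
    delay_s: int    # seconds an intruder needs to defeat this layer
    detects: bool   # True if attacking this layer raises an alarm

def remaining_delay(path):
    """Delay still ahead of the intruder when the first alarm fires.
    Assumption: the alarm fires as the attack on that layer begins."""
    for i, barrier in enumerate(path):
        if barrier.detects:
            return sum(b.delay_s for b in path[i:])
    return 0  # no sensor on this path: nobody is called

def assess(paths, response_s, tolerance=0.25):
    """Per-path response margin, plus a balance check across all paths."""
    report = {}
    for name, path in paths.items():
        margin = remaining_delay(path) - response_s
        report[name] = {
            "total_s": sum(b.delay_s for b in path),
            "margin_s": margin,
            "interrupted": margin >= 0,
        }
    totals = [r["total_s"] for r in report.values()]
    # Balanced: no path is more than `tolerance` quicker than the slowest one.
    balanced = max(totals) - min(totals) <= tolerance * max(totals)
    weakest = min(report, key=lambda n: report[n]["margin_s"])
    return report, balanced, weakest

# Constructed layout: hardened door and single-glazed window in the same wall.
FENCE = Barrier("perimeter fence", 60, False)
CAGE = Barrier("rack cage", 120, True)
PATHS = {
    "door": [FENCE, Barrier("hardened door", 240, True), CAGE],  # 420 s = 7 min
    "window": [FENCE, Barrier("single-pane window", 15, False), CAGE],
}
RESPONSE_S = 300  # constructed: alarm assessment plus guard travel time

if __name__ == "__main__":
    report, balanced, weakest = assess(PATHS, RESPONSE_S)
    for name, r in report.items():
        print(f"{name:7} total={r['total_s']:3}s margin={r['margin_s']:+4}s "
              f"interrupted={r['interrupted']}")
    print("balanced:", balanced, "| weakest path:", weakest)
```

The door path leaves the responders a margin, while the unsensored window path is detected only at the rack cage, too late for the same response force to intervene.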

Graded approach

If you are not comfortable with this term, I can propose something more familiar for you, a risk-based approach.

Based on the criticality of the system, different sets of security measures are required.

Different countries, depending on their internal cultural features, implement this principle in their own way.

For example, the US uses a performance-based approach to define the set of rules for the particular case. In this case, every participant of this process can make assumptions on how to reach the required level of protection without any limitation on the instruments chosen.

Other countries, in their turn, establish very strict prescriptive rules and a list of security controls, which are based on third-party assessment and don't really reflect the effectiveness of implemented measures.

Clearly, protecting the office server with a corporate website on the same level as the financial database server doesn't make any sense in terms of ROSI (Return on Security Investments). Conversely, reducing the security of highly critical applications will put much more risk on the company.

For 5 levels of security we need to develop 6 sets of security measures

Image source –script.org

Four eyes principle

It is also known as the "Two-person rule". It is widely implemented in many sectors, from military operations to the financial sector.

I noticed that many people have adopted it with a slightly different meaning than was initially established.

Originally, its purpose was to prevent any malicious and unauthorized actions by a potential insider during critical operations. For this, both people should have at least the same level of access to information and assets.

Today, people extend it also to quality assurance as well as safety, meaning that the second person should have at least the same professional level and knowledge to check the operations of the first person and exclude any human factor during the operations, although this has little to do with security.

4 eyes principle simply explained

Image source – blogspot.com

Other supporting systems

We have just scratched the surface in the area of physical security for critical infrastructure.

By the way, Data Service Providers will soon (after implementation of the EU Directive on Networks and Information Security) be recognized as critical entities, responsible for the protection of their network infrastructure just as water supply, the power grid, the medical sector and space are now.

There is much more history behind Nuclear site protection, which is slowly going to the grave with the carriers of such information, and there are many more supporting systems needed to keep operations running, to name a few:

  1. Electricity supply
  2. Lighting
  3. Communication

But basically, even one single light-bulb plays a role because

  1. It provides light
  2. Light is required by CCTV
  3. Even if CCTV is fully equipped with night vision, facility personnel need light to perform their routines.

Conclusion

We have looked at the history of Nuclear Weapons security, which is today applied almost identically to the protection of Data Centers.

How amazing is it that such different subjects are compared side by side today? It once again emphasizes the role of data in our lives and the importance of keeping it behind the wall.

There are even more similarities between these fields, including deterrence strategies, attack attribution, and conventions of the non-first strike. Would you like to know more on this topic? Let me know in the comments.

Stay tuned and watch around!

Editor-in-Chief
Dmytro Cherkashyn
Being a passionate security expert from Ukraine, Dmytro has passed through various security domains for the last 12 years, starting with the physical security of nuclear facilities and coming to operational technology cybersecurity for critical infrastructure in Germany.
