Colocation providers reflect on robbery at CI Host

By Bridget Botelho, News Writer
08 Nov 2007 | SearchDataCenter.com

Chicago-based CI Host is a legitimate company, providing more than 250,000 consumers and small and medium-sized businesses in 190 countries with managed Web hosting, dedicated server and colocation services. So how is it possible that the facility has been robbed four times in the past two years?

According to reports, CI Host's night manager was attacked last week by intruders and assaulted with a Taser and blunt object. The perpetrators then stole at least 20 servers belonging to CI Host and its customers.

This event took place despite the company's Web site pledge to customers of its Family Colocation service: "Your machine will be housed inside a secured shared colocation area."

According to a published report, CI Host chief corporate counsel James Eckels hinted that the robbery might have been an inside job, saying, "The thieves were likely familiar with the building layout, the company's operations and the technology involved."

Statistics from Migration Solutions, a data center consultancy, suggest that the possibility is quite likely. Migration Solutions estimates that acts of theft, fraud and vandalism in the data center are three times more likely to be the result of an inside job than to be the work of an outsider. And about 65% of data center security breaches and other incidents are driven by malicious intent rather than economic gain, executed by disgruntled current or ex-employees, according to Migration Solutions.

Several angry CI Host customers have discussed the possibility of filing a lawsuit against the colocation provider for its negligence and failure to communicate the theft until days after it happened.

Nick Krapf, president of the gaming network site BloodServers.com, said the incident in Chicago cost him $15,000 in servers and a damaging hit to his customer base, which didn't have service for at least three days. But the worst part was the company's failure to communicate, he said. "At first, we were told the servers went down due to a power issue. ... I told CI Host I was coming to pick up my servers. That's when I found out my servers were stolen."

Security lessons for users and providers
At press time, CI Host had not responded to questions about how the security breach occurred and how it would compensate customers, but other colocation providers had plenty to say.

According to Chris Crosby, senior vice president at Digital Realty Trust, "Security is a paramount issue for customers with installations in colocation facilities. It is overwhelmingly the most important thing they are seeking in a facility with 80% of customers ranking it No. 1."

Knowing this, Digital Realty uses a multilayer security protocol to protect all its facilities. A four-level access control system is the foundation of the system, limiting access to the facility to authorized people. The facilities also have a check-in system that tracks everyone who is in the facility and limits the areas that they are approved to be in. There are also biometric access points to equipment areas where customer installations and other critical systems are housed, he said.

Similarly, the Planet, a Houston-based company that owns and operates six data centers containing more than 40,000 servers, said that it has instituted strict security procedures. "Any time people come in and out of our facility -- bringing equipment in or out -- they have to go through the multiple points of security every time," said Yvonne Donaldson, director, public relations at the Planet.

"Customers should expect this kind of access control system in any facility they are affiliated with," Crosby said.

Unfortunately, many data center facilities make a show of security but don't really stand up to serious scrutiny, said Chuck Goolsbee, blogger and vice president of Tech Ops at Seattle-based colocation facility digital.forest. "The 'rent-a-cop' types that they hire to work there are not really qualified to act as security gatekeepers. Minimum wage … and complete ignorance with regards to the equipment they are charged with guarding is what I've seen, at major players from Exodus (RIP) to InterNAP."

When worst comes to worst
Obviously CI Host should have had certain controls in place to mitigate its security risk, but the reality is that it's quite difficult to create a break-in-proof facility, said Aaron Sawchuk, co-founder of the Massachusetts-based ColoSpace.

"This event certainly has encouraged us to re-examine the physical security at all of our sites. We review these practices on a regular basis anyway, but we will be paying special attention to things like common hallways and other access areas," Sawchuk said.

Even so, very few colocation providers should be patting themselves on the back, Goolsbee said. "So long as facilities are unmanned, this will happen. The concepts of a 'lights out' facility and a 'secure facility' are in so many ways mutually exclusive."

When a security breach does occur, colocation providers should regard CI Host's response as an example of what not to do: that is, lie to customers about the source of the downtime.

"They blamed a router issue," Goolsbee said. "What good does that do anyone? Customer equipment was gone. I can't imagine them maintaining any credibility in the marketplace after this has come to light."

Sawchuk agreed that notification and crisis management could have been handled better. There is never a good way to "spin" data center security problems, but the period of misinformation definitely hurt the firm more than it could have helped, he said.

"The Internet message boards and email lists are rife with examples of pissed-off customers who were led on for days thinking their servers were just down rather than stolen," Sawchuk said. "At the very least, that lack of information prevented the affected firms from notifying banks of possible credit card theft, and other important regulatory requirements. This piece of the event in and of itself could lead to a major legal headache for CI Host."
