Physical Security for Cloud Data Centers

As I’ve watched the momentum of the Cloud, it’s caused me to reflect upon earlier discussions about data center physical security.  It’s long been my opinion that physical security will soon emerge (or re-emerge) as a top issue in data center planning, since businesses and consumers alike are increasingly reliant on the data and transaction processing being concentrated into these facilities.

In the late ‚ 1990’s, I was in the UK prospecting for data center space for an initial European footprint for E*Trade.  During that prospecting trip, I toured an old AT&T data center in a remote area North of London.  This facility was surrounded by earthen berms at least eight feet high, as well as a very sturdy barbed wire fence.  Why all this for a facility in the middle of the country side?

Wind Power for Data Centers

The challenge in using green energy alternatives such as wind or solar power in data centers is power density.   Data centers consume a lot of power with respect to their physical footprint, so they need very large solar arrays or large wind turbine farms to generate the necessary power for the facility.  Consequently, the amount of time required to reach the positive ROI point with the solar or wind power equipment is typically quite long.  This economic detail is often the inflection point for deciding whether to apply green energy alternatives in the data center plan.

Shell Building Property as Data Centers: When to Just Walk Away

Many firms have gone looking for core/shell property with the intent of renovating these structures for use as a data center.  These projects are very capital intensive, and in many cases the benefits of having the existing structure are almost nil when viewed in the context of the broader project plan and budget.  However, many firms continue the search through available property in hopes of finding a diamond in the rough that can be resurrected as a great data center.

Through our experience in helping clients with these searches, one has to sort through dozens of duds before finding a real candidate data center property.¬† While many problems can be overcome with freely flowing capital, there is a short list of show stoppers that in spite of all else, there is no way to make the property fit the intended purpose.¬† By properly arming your commercial realtor, one can save a lot of time by weeding out the candidate properties according to the most common road blocks.¬† We’ll discuss those here.

GoDaddy Adding Business Incorporation Services

Internet domain hoster and registrar, GoDaddy, has recently added business incorporation services to its palette of value added services. It’s reasonable to assume that individuals shopping for low cost domain hosting are launching small businesses. If you’ve shopped for a domain name lately, you know how difficult it is to find a domain close to what you had in mind for your business. In that regard, the idea of registering your business at the same time the domain name is locked in is a pretty cool thing.

We’re told that the incorporation services are being provided by a partner, The Company Corporation. Because business incorporation is not a recurring activity, the use of a partner makes even better sense for this service. While we are not deeply familiar with The Company Corporation, a walk through their web site reflects that they’re probably a very good fit for the type of user who will find quick, online registration of their business attractive. This is also well aligned with GoDaddy’s standing in this same context.

Smart Grid Jolting IPv6?

The Smart Grid concept is getting a boost from the Obama administration in the form of (with matching of private sector funds) approximately $8B capital investment over the next three years.  The United States Department of Energy is making a number of Smart Grid publications widely available, and the funding attracted by Smart Grid is energizing a number of technology firms positioned to sell into this area.

Among the goals of the Smart Grid concept are the following features of a modernized public electric utility system:

  • Self-healing from power disturbance events
  • Enabling active participation by consumers in demand response
  • Operating resiliently against physical and cyber attack
  • Providing power quality for 21st century needs
  • Accommodating all generation and storage options
  • Enabling new products, services, and markets
  • Optimizing assets and operating efficiently

So what does this have to do with networks and IPv6?  Well, the implications of the capabilities and services outlined above will depend on monitoring and control of both delivered and consumed power at very intricate levels.

The War of the Currents

Posted by Bob Landstrom: CISSP, CGEIT

This week I was in New York City attending a meeting with the Executive Communication Group. One night I decided to go for a walk, and as I was walking I reflected upon the fact that right there, in the streets of Manhattan where I walked, there was once a decisive battle fought in “The War of the Currents.” Let me share this story with you:

In the late 19th century, the US government was deliberating on whether to use AC or DC power for residential and industrial service.  There were two prominent personalities at opposite sides of this debate, thus establishing the battle lines- Thomas Edison and George Westinghouse.

Jim Cramer? C’mon Man!

Well, now I know why I’ve never come out on top whenever I buy one of Jim Cramer’s recomendations.

In a recent (10/22/2009) Mad Money piece on CNBC, Jim Cramer used the Equinix acquisition of Switch and Data to make the point that data centers are obsolete.  In his diatribe about why anyone with Equinix stock should immediately sell, he made the following nearly unbelievable points.

First, he blamed the strong buy and hold recommendation of industry analysts on the fact that these analysts are experts in their field.¬† His logic rests on the position that because these are data center industry analysts, they’re unaware of broader technology issues.¬† That’s right.¬† He’s blaming data center industry analysts for having expertise in their field of knowledge.¬† If you grant some credit to Cramer that maybe he is in fact an expert of his own (which before today I sort of did the same), you’ll perhaps think differently after the following.

Where should we build that data center?

When launching a new data center build project, where the data center will be located is a fundamental issue. There are many factors in deciding where the data center will be, but all of these factors can arguably be consolidated into two issues- Risk and Cost.

We mention risk in terms of Risk Management. Even if a data center is not specifically a disaster recovery site, many issues involving the physical location of the data center are evaluated to assess risk to availability of the equipment and data that would reside there. For example, exposure to environmental threats such as flooding, storms, earthquakes, and so on is often evaluated. Man-made environmental threats such as proximity to chemical plants, railways, gas lines, and so on are included here too. Risk management evaluations will also consider factors such as local crime rate, political stability, and threats from war or terrorism. For a security and risk management professional, this list is long, but any risk exposure is also prioritized and weighted for pragmatic consideration when evaluating site selection for a data center.

Cloud World: Recap on the August event in San Francisco

This year’s Cloud World conference was a mashup of three industry conferences-¬† Open Source World, Next Generation Data Center (NGDC), and Cloud World.¬† Even with the combining of three (formerly) major industry events, the attendance volume still only merited the West wing of the Moscone Center.

It’s easy to blame the low attendance on the economy, but the low attendance could also have been the rather trite content of the conference sessions.¬† While I of course did not attend all the sessions, those that I did attend left me reminiscing about earlier conferences where there was thought provoking and informative presentations.¬† It’s not that the presenters were not informative.¬† It’s just that there was very little that seemed new or thought provoking.¬† Many of the NGDC sessions, while sporting different titles, were actually covering very similar and overlapping subject matter.

My real mission at the conference was to target those in attendance who are genuinely interested in acquiring Cloud resources, are in the process of building Cloud-based services, or who have been spending time analyzing the Cloud marketplace.  Of those that I spoke to, the following is a summary of their opinions and points of view: