As organizations increasingly measure environmental impact towards their sustainability goals, many are focusing on their data centers.
KPMG found that the majority of the top 100 companies measure and report on their sustainability efforts. Because data centers consume a large amount of energy, Gartner predicts that by 2027, three in four organizations will have implemented a data center sustainability program, which often includes implementing a green data center.
“Responsibilities for sustainability are increasingly being passed down from CIOs to infrastructure and operations (I&O) leaders to improve IT’s environmental performance, particularly around data centers,” said Autumn Stanish, Senior Principal Analyst at Gartner. “This has led many down the path of greater spending and investment in environmental solutions, but environmental impact shouldn’t be the only focus. Sustainability can also have a significant positive impact on non-environmental factors, such as brand, innovation, resilience and attracting talent.”
Organizations increasingly building green data centers
The International Energy Agency (IEA) found data centers account for 1 to 1.5 percent of global electricity consumption. Reducing energy consumption is often a top priority when designing and building a green data center. Because AI uses more computing power than traditional methods, data centers are increasingly using more energy, which is only predicted to increase as use cases for AI continue to expand.
The term green data center does not refer to a single technology, but instead a strategic approach designed to more efficiently use resources that starts at the very beginning of the process. Every decision regarding processes, environment and technology is made with sustainability as a top priority. For example, green data centers often use a smaller physical space and typically use low-emission materials in construction.
However, green data centers add new cybersecurity risks as well as increase known risks. Organizations must keep cybersecurity at the center of each green data center decision.
Here are five green data center trends to consider in terms of cybersecurity when designing and implementing a green data center.
1. Advanced cooling technologies
Many green data centers reduce their reliance on traditional air conditioning by using advanced cooling techniques, liquid cooling or precision cooling. These techniques often use IoT devices for monitoring temperatures and energy use. However, IoT devices can provide entry points for cyber criminals to access the network and all connected systems. Additionally, IoT devices expand the potential attack surface area.
By proactively taking steps for each IoT device, organizations can effectively use advanced cooling techniques without significantly increasing their risk. As part of the installation process for each IoT device, administrators should change the preinstalled passwords with complex passwords. Many organizations also use a VPN local virtual private network for IoT devices to limit access to other systems in case of a cybersecurity incident.
2. Extending life of equipment
Purchasing new equipment regularly for a data center increases its environmental impact as well as costs. Many organizations are using upgrades, refurbishments and efficient maintenance to extend the lifespan. However, older equipment may have more cybersecurity vulnerabilities and be less likely to use the latest (and most secure) technologies and techniques. By regularly evaluating the benefits of continuing to use a piece of equipment for sustainability reasons with its cybersecurity risk, organizations can make a balanced decision. Additionally, installing all updates in a timely manner also reduces risk.
Explore cybersecurity services3. Virtualization
A common technique to reduce resources in data centers is virtualization. Because virtualization involves creating an abstract layer over computer hardware, organizations can use less physical equipment, resulting in lower energy consumption. A single physical server often runs multiple servers. Because virtual servers consume less energy, this often significantly reduces energy consumption.
However, virtual servers contain more entry points for breaches and attacks than physical servers. Additionally, cyber criminals often target the hypervisor that manages the virtual machines. By compromising the hypervisor, threat actors take control of a large portion of the data center and can inflict significant damage, especially through a ransomware attack.
Organizations can reduce their virtualization risk by ensuring that the user privileges for the virtual machines and hypervisor are appropriate for each person’s work-related tasks. By using segmentation in virtualized environments, cyber criminals can only access a small portion of the network and systems, which limits damage. Additionally, organizations should regularly audit which users have escalated privileges in a domain controller to reduce attackers waiting in the wings.
4. Renewable energy sources
By shifting from such as fossil fuels to renewable sources like solar, wind or hydropower, data centers can decrease their reliance on non-renewable energy and reduce the emission of greenhouse gasses. Because solar and wind farms are often in different locations than the data centers themselves, using these energy sources creates a larger attack area that increases the risk. Additionally, each system used for the new energy source adds to the surface area as well. Renewable energy sources also often use the power grid and the internet, which creates new sources of vulnerability. Because these energy sources often contain a high volume of sensitive data, organizations must proactively mitigate the risk of a data breach and compliance issues.
5. Data center infrastructure management (DCIM)
Green data centers typically use a DCIM to monitor and manage all aspects of the data center infrastructure, including power distribution and cooling systems, from a single location. Because of the real-time monitoring of power consumption, organizations can identify issues and make changes quickly to reduce the environmental impact instead of waiting until after the impact has occurred.
Due to its integration with other systems, the DCIM creates a target for attackers to gain access to other data. The high level of integration makes it possible for threat actors to gain access to the DCIM from other interconnected systems. Organizations must focus on creating strong access controls to make sure that only authorized users gain access to reduce data leaks and breaches.
Balancing security and sustainability
Because sustainability is the top concern with a green data center, organizations can inadvertently make decisions that increase cybersecurity vulnerabilities. With a balanced approach that considers both sustainability and cybersecurity, organizations can reduce the environmental impact of their data center while also reducing the risk of a breach or attack.