Server security. It’s kind of a big deal.
But we don’t have to tell you that. As an IT leader, you understand the critical role that server infrastructure security plays in a company’s IT transformation. It’s a top priority that runs across all IT initiatives.
Today’s IT departments juggle multiple things at once, often struggling to keep up with changing security demands. They must ensure that their systems are up-to-date and able to perform in this ever-evolving environment. Not an easy task, considering most are working with limited resources (fewer staff, outdated hardware and budgetary confinements).
Dell EMC commissioned a study to dig deeper and gain a better understanding of the value of secure server infrastructure. In the study, IDC surveyed over 300 IT users from medium companies to large enterprises. The results shed even more light on the critical importance of security at the hardware/firmware level. Specifically, it analyzed:
- Who is responsible for server infrastructure security?
- Do most organizations have a recovery plan in place?
- How important is security when evaluating server infrastructure?
- How much value is placed on the IT vendor partnership?
Infrastructure Security – Who is Responsible?
Almost half of the companies surveyed use a dedicated team responsible for providing server infrastructure security. Smaller companies typically rely on server administrators to identify security issues, while larger organizations rely more on the dedicated security team. It’s also common for companies to lean on their IT vendors for help in monitoring and recovery.
Nearly 90% of firms have a documented recovery plan (side note: if you’re in the 10% who don’t, what are you waiting for?). But even then, some of the plans are incomplete or don’t incorporate all aspects of recovery. Historically, the focus has been on application and networking server security, but the rise of sophisticated low-level hardware-centric attacks, often a result of vulnerabilities in the OS, is changing that. Almost half of the businesses surveyed experienced a hardware/firmware attack or a breach in the past.
Importance of Choosing the Right Server Infrastructure
Given the importance of protecting data, it’s no wonder that security “takes the top spot when it comes to evaluating the purchase of server infrastructure and the features/functions.”[i] Respondents ranked hardware security highest in importance – even higher than total cost of operations. When it came to priorities for selecting servers, the security of firmware and patches took the number one spot.
Here’s Chris Marsh, VP of technology from Golden Frog on the crucial role that secure hardware plays in their business and why they chose PowerEdge servers.
IT Vendors, A Partnership Built on Trust
Companies place a high value on their relationships with IT vendors, especially when it comes to security. Vendors must build security into every design step, including hardware and firmware. IT departments trust them to proactively identify and patch firmware bugs, and if needed, restore to a known good state.
When it comes to security, it’s crucial that vendors stand behind their products. They should also play an active role in monitoring the server for breaches. While that doesn’t take the monitoring role away from the company’s IT department, it adds an extra layer of protection and therefore a greater level of security.
If a security issue does arise, the vendor needs to be right there working with the organization to get them back to a known good state, researching the problem and taking steps to ensure that sure it doesn’t happen again.
Vendors can also assist with preventative maintenance, again complimenting what the IT department is doing. Repeatedly, companies stress the importance of developing that high level of trust with their IT vendors. These relationships are key.
Security plays a critical role in an organization’s IT transformation. Most IT departments realize this, and place a high importance on making sure they have a recovery plan in place, choosing the proper server infrastructure, and maintaining a close relationship with their IT vendors.
To read the full analysis and compare how your server security measures up to those surveyed, download the complete IDC white paper, The Value of a Secure Server Infrastructure.
Source: An IDC White Paper, Sponsored by Dell EMC; Nadkarni, Ashish; The Value of a Secure Server Infrastructure.