Why the need for data center risk analyses is increasing
The demand for risk analyses for data centers is growing. According to Michael Wörster, Senior Consultant at SECUrisk, a division of the Data Center Group, more and more data center executives are realizing that risk analysis is a fundamental part of data center planning. Because only those who know the risk can take needs-based and economic measures.
"The central requirements of modern data center infrastructure concepts are security with regard to current as well as future requirements and economic efficiency in the sense of a permanent control and optimization of the total operating costs. Every change and adaptation should always be based on a solid analysis of the actual conditions, which covers all relevant parameters from construction technology, air-conditioning, energy supply and safety and thus creates a reliable planning basis", says Wörster, who carries out risk analyses of the existing physical IT-infrastructures and develops proposals for measures with a priority plan and a concrete recommendation for action.
According to the expert, the analysis and planning of IT-areas should always be carried out in accordance with ISO 31010 (Risk Management), taking into account the IT-requirement and the integration of cybersecurity. It requires a high degree of understanding the complex requirements of information technology in terms of their tasks, availability and security. Especially the complex relationships between building services and information systems need to be considered. Only with this knowledge, demand-oriented technical infrastructures for IT and telecommunications systems can be realized location-based.
The risk analysis is divided into several steps. First, the business risk analysis is checked. From it, the availability requirement is determined. On the basis of the current situation, measures are determined to meet the availability requirement. Subsequently, the individual plants and installations are evaluated and classified with regard to their protection requirements. Then, structural and technical concepts are developed, according to the needs.
This individuality makes the comparison of data center projects quite difficult. Depending on local conditions, structural measures may be necessary, which would not be necessary at different location. This procedure can then be applied to all other trades. Structural engineering, cooling technology, power supply as well as security and fire protection technology are considered and the essential prerequisites for a secure and coordinated solution are manufacturer neutrality and product independence.
"A risk analysis includes prioritized policy proposals. With it, the rough costs can already be estimated and the basis for a desired certification can be created. Data center managers, managing directors or board members of a company receive reliable documentation. It shows how the risk can be related to IT and investment and what impact can be incurred if left unaddressed. Even with existing data centers, risk management is an adequate means. It identifies weaknesses that may have been taken into consideration by new IT-requirements for the technical concept", says Wörster.
Wir machen Sie fit. Damit die IT-Infrastruktur auch noch morgen sicher und effizient Ihre Geschäftsprozesse unterstützt.
Wir erstellen für Ihr Unternehmen ein durchdachtes und erprobtes Notfallkonzept, damit im Ernstfall ein koordiniertes und zielführendes Handeln der Beteiligten möglich ist.
Unsere Risikoanalyse ist der optimale Weg für Ihr Unternehmen ein der Zeit und Rechtssprechung angemessenes Sicherheitsniveau zu erreichen.
© DC-Datacenter-Group GmbH
Phone +49 2741 9321-0