Threat: Dave the Service Technician

ComputerServiceSmall

Dave is responsible for adding, upgrading and repairing systems. Without Dave, things will quickly go downhill in your data center.

While Dave is responsible for maintaining system integrity, he can also compromise it:

  • A drive has failed in a RAID5 set. You need to replace the failed drive and rebuild the RAID. Oops! Pulled the wrong drive. The RAID set has gone from degraded to dead. Time for a recovery operation!
  • Server17 in a rack of 36 1U “pizza box” servers needs to be power cycled. Dave hits the power button on Server18…
  • There is a short circuit in power distrubution unit in the server rack. Now you have 36 systems down!
  • Dave moves the wrong network cable in the wiring closet.
  • Don’t even think about what happens if Dave slips and bumps the Big Red Button!

EmergencyPowerOff

And if Dave happens to be malevolent, he can do things like:

  • Slip a laptop or other small computer into the wiring closet and have it snoop the internal network for data.
  • Connect internal networks directly to the Internet.
  • Steal parts, supplies, and even complete systems. Look at the number of cases where good boards are replaced and then sold on Ebay…

Basically, Dave is a proxy for all of the physical threats to system integrity that can occur in the data center.

About Russell Doty

A technology strategist and product manager at Red Hat, working on the next generation of open source systems.
This entry was posted in Security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s