Practical application of supply chain assurance. Can you “trust” your data center systems?
July 12, 2018
In previous posts, I discussed supply chain assurance, it’s importance and examples for consequences of a supply chain breach. So now, let’s look at these ideas within the scope of deploying IT systems, specifically, complex data center systems.
Creating and expanding data center infrastructure alone is a daunting and complex process. In most cases, IT department are dealing with multiple vendors, IT service contractors and thousands of part numbers at a minimum. The design, architecture, security hardening and deployment itself is a challenging endeavor, especially considering proliferation of open standards, software-defined automation and hybrid designs that integrate both public and private clouds. You can understand why many companies, overwhelmed with the task of deploying and expanding data center infrastructure, overlook the equally import issue of it’s supply chain integrity. Unfortunately, this oversight puts most companies at risk before the first data center rack is deployed. Your risk of a cyber breach and/or premature system failure increases significantly day one with the potential for embedded malware, malicious tampering, gray-market and counterfeit components. The reality is, this is not an area today companies can choose to overlook. In fact, it needs to be an integrated approach to the design phase of your data center.
For many companies, they lack the resources and expertise to properly vet their vendors and hardware choices while they work through the design of their data center systems. In most cases, design through deployment alone is at minimum a 9-month process. Add to that analysis of the supply chain, integrity testing and security hardening and most companies are over a year to deploy systems. So, what if there is a better approach, where all the design, configuration, supply chain integrity validation and security hardening is provided up front in a turnkey, ready to deploy solution? This has been a focus for CyberCore Technologies over the past year to integrate data center design/deployment with supply chain assurance and integrity testing to enable companies and government agencies to deploy “clean” data center infrastructure with root of trust back to the component level of the system (both software and hardware).
Today, CyberCore Technologies partnered with Hewlett Packard Enterprise, Intel and Red Hat is excited to launch SecurStak, the world’s first: secure, scalable, cloud-enabled data center to your door – via secure transport, Authority-to-Operate (ATO) ready – as a turnkey, single SKU, fixed-price solution (including support). Now, companies, government agencies, systems integrators, or anyone who needs to manage on-premise infrastructure or create a Fed-ramp compliant cloud – can have a PEN-tested, scalable-to-any-size solution, in a fraction of the time of a traditional custom-built approach. Thus, allowing them to focus less on building infrastructure and more on delivering value to THEIR end customer – in a secure, timely manner. The result is a dramatic improvement in efficiency, time to market, and cost savings with average deployment time measured in weeks rather than months and years.
For more information on SecurStak, please visit www.SecurStak.com.