Born this Way: Higher Security for High Speed Computing
Latest News
May 24, 2017
By C.K. Kumar, marketing executive, Dell EMC
When William James, the famous American philosopher and author said “A chain is no stronger than its weakest link,” he was surely referring to IT system security a century later. Not surprisingly, IT system security is a key pressing concern on every IT professional’s mind. IDC predicts that, by 2019, 70% of major multinational corporations with roots in the U.S. and Europe will face significant cybersecurity attacks aimed at disrupting the distribution of commodities. Because high performance computing (HPC) presents some unique security challenges, these concerns are only magnified in scale and scope.
HPC, which typically involves a large cluster of computing resources, is used in research and academic settings, including areas of national security. But in an increasingly data-driven world, HPC also has become a key driver of business. And where there are profitable business opportunities or critical data of national importance, these systems become a serious target for malicious and criminal organizations. While enterprise-level security issues are well-understood and protected, HPC presents some interesting challenges that make it especially vulnerable to imminent security threats.
- Centralized command structure: Centralized administration structure for rapid processing makes clusters more vulnerable to attack from a centralized point.
- Diverse and disparate: HPC architectures and supporting ecosystems are typically cobbled together from a diverse set of vendors, with a varied development processes around security.
- Detection: In large clusters—a diverse set of compute resources (processors, storage, network)—the complexity of detecting normal compute behavior vs. malicious behavior continues to worsen.
- Virality of risk: Large interconnected, inter-dependent systems like HPC clusters exhibit unique risk propagation and management challenges. It is, therefore, critical that a security breach be rapidly detected, and its remediation be effective.
IT security needs to be approached in a comprehensive, holistic way. In other words, it needs to be a built-in, not a bolt-on approach. At Dell EMC, security is an essential consideration and is an integral part of the server development process. We can consider this security approach at two broad levels.
1. Assurance at the hardware level. A simple but ingenious approach to creating robust security is to infuse it into every building block of the HPC environment. Dell EMC employs a cyber resilient architectural framework with a diligent security development lifecycle (SDL) process in the development of PowerEdge™ servers. Security is a primary consideration at every step of the way as every server feature is conceived, designed, prototyped, implemented, set into production, deployed and maintained.
However, increased assurance at the building block level may not be enough. Which brings us to …
2. Assurance at the system level. To protect the systems further, we need to secure the entire ecosystem around the server. Dell EMC is uniquely positioned to manage the critical server supply chain and, by adhering to National Institute of Standards and Technology (NIST) guidelines and specifications, Dell EMC vets and validates PowerEdge servers at the sub-system level as well. This approach of fortification by securing the complex, disparate server ecosystem enables creating secure building blocks for OS and applications, and provides assurance along the entire lifecycle of the server cluster.
As organizations rapidly adopt HPC to solve business and national interests, the security challenges continue to grow in both scale and scope. Dell EMC offers a robust approach to tackling IT system security, which begins at the server design phase and continues as customers acquire, deploy, update, repurpose and retire their computing infrastructure.
This diligent security-minded design process, adopted to mitigate threats to IT system security in Dell EMC PowerEdge servers, can only serve to strengthen existing weak links in the server security chain.