Issue link: https://insights.oneneck.com/i/1200933
Chapter 4: Workload Control 31 These materials are © 2017 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited. customer on the service, the client under attack may actually face a steep increase in their monthly bandwidth bill. There are all kinds of services available today, such as Cloudflare, that can help you protect yourself from DOS attacks, whether you're in the cloud or on‐premises. Compromised firmware Firmware is critical to hardware functionality and gets updates every so often to correct bugs and to add new fea- tures. The unfortunate reality is this: It's not always that dif- ficult to install compromised firmware updates to a server. Compromised firmware can intercept network communica- tions, decode the contents of storage, and a whole lot more. There have been reports of compromised servers being shipped to unsuspecting customers. That's not good. Firmware compromises generally require physical access to the server. This is just one reason that allowing only authorized people into a data center is so important. It's also important to log data center access so security events can be correlated against visitor logs. Staff The weakest link in any security system is the human element. People can make mistakes. People can be bribed. And without comment on whether this is right or wrong, people can uni- laterally decide that their organizations are on the wrong side of history and release a treasure‐trove of information that has wide‐ranging impact. When you're considering your information and security strategy, you need to keep trust in mind and ensure that there is always a second set of eyes reviewing decisions that are made, systems that are put in, and processes that are developed.