Is Perf-iT’s DCIM software secure?

Wannacry and other malware attacks have raised a number of questions among our clientele. People ask us about their vulnerability and what we do to keep the security of our DCIM software updated.

We have always been aware of the importance of security in our software. For that reason we have based our DCIM suite on the ICONICS™ platform, an award winning analytics and visualization environment. The best possible reference is that ICONICS is deployed at the Pentagon, the headquarters of the US Defence Department. There is probably no other place in the world where security is under scrutiny like here. Annually the Cyber Emergency Response Team reviews ICONICS for weaknesses against hack attacks and other malicious acts. The fact that the Pentagon has been using ICONICS since 1997 must indicates a solid security background. We can only confirm that from our point of view nothing beats the solid architecture of ICONICS. Read the customer success story about the Pentagonhere. It makes you appreciative of our DCIM being based on the same solid foundation that protects the Pentagon and other high profile facilities.

What’s next?

Having said that, securing the DCIM software alone will not guarantee that your data centre is carefree. Since more and more infrastructure devices get ‘connected’ the vulnerability of the data centre increases day by day. ‘Industry 4.0’ leads to sensors, PLC’s, cooling equipment, energy management equipment and other hardware being ‘networked’ and often remotely managed. The amount of (potential) weaknesses has grown in such a way that no person nor spreadsheet is able to keep track. Facility Management and IT need to to work together to fight attacks from outside and inside (records show that a large amount of cyber criminality takes place from within the company itself).

Securing the operational technology (OT) layer is a specialist’s job. Perf-iT teams up with outside specialists in Industrial Cyber Security. They have a long history of protecting OT in many industries like energy, transportation, oil and gas, chemical and pharmaceutical. Now we can offer to protect your network, including all your non-IT equipment and continuously monitor your threats and vulnerabilities. This service uses machine learning and other intelligent techniques to detect unfamiliar activities and assess vulnerabilities like unauthorised remote connections and unpatched or unknown devices.  It is a plug-and-play solution that acts as an invisible layer covering the OT network. First it scans and detects all devices on the network. It keeps track of all vulnerabilities of each specific device. Then it analyses all communications between them and models it as a state machine thus providing a high detection rate. When a new state is defined malicious it generates a real-time alert to the network operator.

Can we help you to secure your assets?

We are confident and pleased that we can respond to your request for expanded security monitoring of your OT layer. Feel free to ask us for more information on this service. Together with our partners we can offer a full Industry Cyber Security (ICS) assessment that will generate a detailed yet comprehensible report on your vulnerabilities. Call or mailus for more details.