Running head: BUILD & SECURE DATA CENTER1

Build & Secure Data Center

Western Governors University

BUILD & SECURE DATA CENTER 2

Table of Contents

Proposal Overview......................................................................................................................................3

Problem Summary..................................................................................................................................3

IT Solution...............................................................................................................................................4

Implementation Plan................................................................................................................................4

Review of Other Work.................................................................................................................................5

Project Rationale.........................................................................................................................................7

Current Project Environment.......................................................................................................................9

Methodology.............................................................................................................................................10

Project Goals, Objectives, and Deliverables..............................................................................................11

Goals, Objectives, and Deliverables Table.............................................................................................12

Project Timeline with Milestones..............................................................................................................13

Outcome....................................................................................................................................................14

References.................................................................................................................................................16

Appendix A:..............................................................................................................................................17
BUILD & SECURE DATA CENTER 3

Proposal Overview

The problem FakeBiz is currently experiencing is that since inception it had never had a

need for a physical data center. Data centers are extremely complex and can provide many

challenges for a company. FKM Enterprises has been awarded a contract to design, build and

secure the new data center for FakeBiz. FKM Enterprises with work with FakeBiz and SoftMicro

to migrate the existing infrastructure to the new datacenter while also creating and implementing

security measures.

Problem Summary

FakeBiz which began as a reseller of communications services has now grown to regional

service provider and is now looking to compete with larger companies in the same business

space. With the growth and their aspirations to take on bigger providers they are confronted with

a problem. The problem being that their current environment is running slow because they have

virtualized the systems and their network with a third-party cloud provider named SoftMicro.

FakeBiz has system and network administrators as well as engineers on staff but they are having

a difficult time managing theory systems because they have implemented an Infrastructure-As-

A-Service (IAAS) model that cannot meet their needs. As another issue, SoftMicro’s datacenter

was physically compromised last month and confidential data was breached. The incident

happened when 2 people impersonating maintenance employees entered the data center to repair

a condensing unit issue. Luckily FakeBiz’s customer data was not affected by the breach. This

latest event prompted FakeBiz to look at other option that would ensure physical security of the

company’s data. SoftMicro has agreed to ship the hardware FakeBiz has purchased as part of the

agreement to the new facility.

BUILD & SECURE DATA CENTER 4

IT Solution

FKM Enterprises has proposed to migrate the existing infrastructure that is currently

being hosted by SoftMicro. FKM Enterprises will survey the area designated by FakeBiz to be

the new data center. After the survey we will draw up the floorplan. We will coordinate the

transportation of the racks and server hardware to the new facility. We will then reassemble the

racks and server hardware in the designated locations and connect them to the corporate network.

During the coordination with SoftMicro we will install the security measures to ensure there will

be no unauthorized access breaches. FKM enterprises will accomplish this with the help of its

empl0yees and assistance from the FakeBiz IT department once the space is ready for

installation. The proposed security solution would secure doors with magnetic locks with badge

reader access. We will also install security cameras, security desk, emergency exit signs, any and

all standards require by local code ordinances and the risk management framework.

Implementation Plan

The project will begin shortly after the site survey is completed and the designs are

approved by FakeBiz stakeholders. A basic floor plan was provided to us by FakeBiz to use

while performing the survey. Although not currently listed on the floor plan the new data center

space already has the necessary ventilation to support a data center including a raised floor with

electric and cable management systems for the data cabling. The new space also has an

operational FM200 fire suppressant system. Once the plans are approved, we will begin

installing the security appliances such as the bad readers, magnetic door locks and surveillance

cameras. In tandem we will be coordinating the transportation of the racks and server hardware

with SoftMicro and working with FakeBiz’s business internet team to install a new 10GB optical

carrier circuit (OC-192) to support the new traffic that FakeBiz is projected to have. We will
BUILD & SECURE DATA CENTER 5

monitor the progress of the installation of each server and security appliance to ensure that we

stick to the prescribed timeline.

Review of Other Work

1. Having a data center adds another level complexity in your environment. Having control

of the data center is very important. Control over not only the cooling, but the

infrastructure and the security. I reviewed “5 steps to secure your data center”. It is an

article on how to secure your data center properly. The first step in the article states to

“get physical”, they are stating that the physical access needs to be closely guarded. The

article states that data center managers might begin with more difficult tasks such as

securing access to the servers or network resources. Corbin Miller IT, security manager at

NASA’s jet propulsion laboratory, prefers to start by locking down the physical security

of the data center. (Yasin,2009) During the planning phase many people overlook the

physical security and focus more on patching, network and system access or other non-

physical security tasks. FakeBiz has set priority the physical security of the data center

before installing any of the infrastructure hardware.

2. Amazon Web Services (AWS) manages one of the worlds largest data centers and is good

practice for FakeBiz to follow large IT industry leaders are implementing in their own

data centers. As an example, AWS only allows authorized personnel into the physical data

centers. All employees that wish to gain access to the data center must first request access

with a valid business justification. The justification required are for operational support

purposes and include change requests to upgrade, replace, maintenance or other critical

tasks. The requests when granted follow the principle of least privilege and the requestor

must specify what location, rack and bay in the rack will be affected by the work and also
BUILD & SECURE DATA CENTER 6

a timeframe needed to perform the work. (Butler, C., & Rollnick, S. 2003) Having these

policies in place are to ensure that no change or unauthorized access breaches happen.

Once the request is approved by the authorized personnel the requestor will gain access to

the requested location and is then restricted to the area for the requested time. This entire

process that is followed by AWS will also be part of FakeBiz”s standard data center

operating procedure.

3. Another article I reviewed specifically about migrating from your cloud infrastructure to

your on premise infrastructure because of security concerns stated that 80 percent of the

400 IT decision-makers who participated in IDC’s 2018 Cloud and AI Adoption Survey

said their organization has migrated applications or data that were primarily on the public

cloud back environment to on premise. On the same survey, respondents said they would

plan to move 50 percent of their public cloud application to either a private cloud or non-

cloud environment in the next 2 years. (Haranas, M. 2018, August 13) FakeBiz has the

same concern as the respondents of the survey. Because of the security concerns it has

against SoftMicro they will bring their infrastructure back on premise where they can

control the access to the data center and the systems.

4. The last article reviewed is about when it is best to keep operation on-premise. The writer

of the article states that if you have any systems that need high security, requires legacy

hardware or is critical to the business it is best to keep these systems on premise. Another

reason to keep the systems in house is because transferring data-hungry systems is

uneconomical. This article relates to the same reasons FakeBiz has decided to build their

own data center to secure their systems and data. (Edwards, J. 2019, April 15)
BUILD & SECURE DATA CENTER 7

Project Rationale

Now that you have viewed our proposed solution and the implementation plan, we will

look at why FKM Enterprises is the best choice for your project. There is real risk involved if

your data center is not secured correctly. You could fall victim to theft as did the CI host data

center in 2007. The theft amounted to sensitive data loss and hundreds of thousands of dollars in

hardware were stolen. The CI host data center had multiple successful break-ins. (Goodin, D.

(2007) Many businesses fall victim to this type of crime every year and cause revenue loss,

business continuity issues and loss of credibility. We also have to think about how long it would

take to recover the lost data and stolen hardware. With the solution FKM Enterprises proposed

we can minimize your risk of this type of event from happening.

Let’s take a look at another major concern of FakeBiz. 2017 witnessed some data slip-ups

by the world’s top cloud providers according to the list releases by Cybersecurity Insiders.

Accenture – World’s first Cyber Resilience startup UpGuard discovered that 4 AWS S3 buckets

were not secured properly and exposed 137GB of data and some was siphoned off and sold on

the dark web. Verizon- Nice Systems, a third-party vendor misconfigured an AWS S3 bucket

which exposed the names, addresses, account numbers and pin numbers of millions of

customers. Booz Allen Hamilton – Hired UpGuard to carry out a security assessment of internal

and external computer systems. The assessment discovered 60,000 files were on public access on

an AWS S3 bucket owned by an intelligence and defense contractor of Booz Allen. The cache is

said to have exposed 28gb of senior engineer credentials and password of US Government

systems and many files with no encryption containing password of contractors with top secret

clearance. Republic National Committee – A security flaw in an AWS S3 bucket exposed 198

million voter’s personal information. Election System & Software – This system stores the
BUILD & SECURE DATA CENTER 8

information of all registered voters in Chicago. An engineer accidentally configured the AWS S3

bucket for public access exposing all 1.8 million voter’s personal information including their

social security number. (Goud, N. 2017) These breaches are just a few of the multitude of

breaches that have happened in the past several years. The proposal set forth by FKM Enterprises

will reduce the risk not only by physically securing your data center but by bringing your

infrastructure to your facility. Having your data on premise would add a secondary layer of

security as a hacker would need to break into your public network to gain access to the private

network and then would have to find where on your private network the servers with the

sensitive data reside.

BUILD & SECURE DATA CENTER 9

Current Project Environment

On appendix A you will find the barebone floor plan provided by FakeBiz. With this floor

plan we can begin to place and install the proposed security measures. The area allocated for the

data center is within a building that is currently patrolled by guards on a 24/7 basis. The

approved area currently has HVAC installed to support the new data center hardware and keep

the location in the optimal temperature and humidity rage of 70 degrees and 45% humidity

(“Recommended Data Center Temperature & Humidity”,2017) It is imperative for the life and

functionality of the hardware being installed in the data center are kept in a climate controlled

area with the prescribed temperature and humidity. The doors in the proposed area have

magnetic locks in place but do not have security controls. The data center space has no security

personnel in place. The data center has 2 redundant power sources available to maintain the

operation of the center if commercial power were to fail. There is a raised floor from the hallway

through to the communications closet. The raised floor is also prepped to install future hardware

racks. This is a plus as we will not have to prepare the floor to support the extra weight of the

racks with the installed hardware. Below the raised floor we found electrical wiring to each area

that is prepped for rack installations. We also noticed that the power was evenly distributed

between 8 distribution points that led back to a four 40KVA online ups units that were attached to

commercial power and to a generator bypass. During inspection we found that the subfloor also

had the required conduit to run the redundant data cabling needed for the hardware being

installed. Each rack location had 2 conduits so we can run cabling from 2 different segments of

the network which would provide redundancy and better availability of the systems.
BUILD & SECURE DATA CENTER 10

Methodology

For the project we envisioned using the SDLC methodology since it works very well for

the data center migration. We begin with the;

1. Planning- In this stage we took the floor plan provided by FakeBiz and we analyzed

the current state and envisioned the future state of the space.

2. Design- In this step we took our vision and designed the space to include our security

measures and placement of the hardware being transported in from SoftMicro. We

also looked at ways to minimize the down time users and customers would be

affected because of the migration.

3. Implementation- This stage is where we will begin to install the security measures

such as the badge readers, cameras. In this stage we will work with FakeBiz &

SoftMicro on the logistics for the transportation and installation of the racks and

servers.

4. Testing- During this stage we will begin to test and validate the security solutions

have been installed properly and validate the functionality of them. Likewise, we will

be testing the hardware that was migrated from SoftMicro and ensure it is operational

and has been integrated with your local network and can be accessed internally and

externally.

5. Maintenance- This stage will be FakeBiz’s responsibility as we would have already

delivered the finished products to FakeBiz. You company would need to maintain the

systems that have been installed on an ongoing basis while also reviewing the current

system and determining if improvement will be needed in the future.

BUILD & SECURE DATA CENTER 11

Project Goals, Objectives, and Deliverables

The proposed project plan with achieve the required deliverables set forth by Fakebiz.

The goal of the project will be to build a functional and physically secure datacenter. To support

the successful completion of the goal there will be several objections. The first objecting will be

to provide FakeBiz a datacenter design with the required security elements to ensure the facility

is protected against unauthorized breaches. We will also be including a floor plan that would be

used to show placement of the migrated hardware and the locations that can be used for future

expansion of the datacenter. The second objective will be to provide FakeBiz with a standard

operation procedure (SOP) manual to assist FakeBiz with the continual support and operations of

the datacenter and its systems. With the manual they will be able to maintain and operate the

datacenter and standardize the operations. It will also assist with headcount planning as it will list

the roles and responsibilities of all the roles needed to maintain the datacenter efficiently. The

last objective will deliver the physical data center including the migrated hardware from

SoftMicro. This objecting will also deliver the installation of all structured cabling required to

interconnect all the arriving systems to the current network via the provided switches and a new

10GB internet connection to support the projected new traffic. During the installation of all the

cabling We would require the cabling vendor to tag, label and validate each run. A report would

be required for each run and the report would include the range capable of the cable including

the category ethernet and the throughput of the cable. We will also be working with SoftMicro to

coordinate the transportation of the racks and servers. We will also work with SoftMicro to view

usage pattern reporting to schedule the migration during off hours or low utilization times to

minimize user and customer impact.

BUILD & SECURE DATA CENTER 12

Goals, Objectives, and Deliverables Table

Goal Supporting objectives Supporting objectives

An overall datacenter design Provide a datacenter floor plan to

Build a functional and secure Floor Plan rack details accommodate new hardware
datacenter for FakeBiz

Detail the data center security

Provide security appliance placement
design

Datacenter management plan Create an SOP for datacenter operations

Installation of server hardware Install all hardware, cabling, and ISP

from SoftMicro, data cabling connection with the help of Fakebiz IT
and the installation of a new engineers and SoftMicro
10GB link
 BUILD & SECURE DATA CENTER 13

Project Timeline with Milestones

Duration
Milestone or deliverable Projected start date Anticipated end date
(hours or days)
Overall Datacenter
3 days 12/02/19 12/04/19
Security Design
Floor plan with rack
4 days 12/04/19 12/09/19
location and systems
Datacenter management 4 days 12/09/19 12/12/19

plan
Hardware, Cabling and 21 days 12/09/19 12/30/19

10GB link installation

BUILD & SECURE DATA CENTER 14

Outcome

The project will be focus three main outcomes: To migrate the existing hardware from

SoftMicro to the new FakeBiz datacenter and to secure the datacenter to prevent unauthorized

access. To measure the success of the migration we will monitor the progress of the progress of

the hardware installation deliverable to ensure it is on track. To be considered successful we

would have to continually hack checkpoint meeting to review where we are in the process and to

ensure there are no blockers or issues that may be preventing progress. Since this phase of the

project is 21 days, we would need to ensure that we work with the FakeBiz business internet

team and the wiring vendor to ensure the complete their tasks in 7 days. During the installation

of the cabling we will coordinate the migration with SoftMicro for the transportation of the racks

and servers to begin on day 8 of the phase. This would allow 14 days to complete the migration

to the new facility. To measure the success of the migration phase we would ensure that 50% of

the hardware be completed by day 12. This tells us that we can migrate the remaining 50% of

hardware in 5 days which would leave 6 days to test, validate and correct any issues.

The second measurement would entail the security of the facility. This would be measure

by ensuring that we have all the surveillance, access control, and security personnel are in place

by the 8Th day of the of the hardware installation day. This deliverable is needed this early

because by the 8Th day we will have SoftMicro delivering the first shipment of racks and servers

that will be installed in the new datacenter. The completion of the security phase would be the

deciding factor if we would be able to begin the installation for the hardware from SoftMicro on

time. The success of this phase will be measured by the fact that the installation phase started on

time.
BUILD & SECURE DATA CENTER 15

The third and final measurement is stakeholder acceptance. Ensuring that the customer is

happy with the deliverables and the outcome of the entire process taken for the project to be

completed. As FakeBiz continues to grow and enter new markets the size of the data center will

be able to grow to support the new data and infrastructure requirements.

BUILD & SECURE DATA CENTER 16

References

Butler, C., & Rollnick, S. (2003). Compliance. Retrieved November 20, 2019, from
https://aws.amazon.com/compliance/data-center/controls/.

Haranas, M. (2018, August 13). Businesses Moving From Public Cloud Due To Security, Says
IDC Survey. Retrieved November 20, 2019, from https://www.crn.com/businesses-moving-from-
public-cloud-due-to-security-says-idc-survey?itc=refresh.

Goud, N. (2017, October 24). Top 5 Cloud Security related Data Breaches! Retrieved November
20, 2019, from https://www.cybersecurity-insiders.com/top-5-cloud-security-related-data-
breaches/.

Goodin, D. (2007, November 3). Masked thieves storm into Chicago colocation (again!).
Retrieved November 20, 2019, from
https://www.theregister.co.uk/2007/11/02/chicaco_datacenter_breaches/.

Edwards, J. (2019, April 15). When It's Right to Keep Operations in On-Premises Data Centers.
Retrieved November 21, 2019, from https://biztechmagazine.com/article/2016/12/when-its-right-
keep-operations-premises-data-centers.
BUILD & SECURE DATA CENTER 17

Appendix A

FakeBiz Floor Plan