US Government Turns to DCIM for Cybersecurity
Published on April 11, 2018,
As stated by the Department of Homeland Security (DHS), “Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace. Cyberspace and its underlying infrastructure are vulnerable to a wide range of risk stemming from both physical and cyber threats and hazards. Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services.”
Nlyte has always prided itself on providing the most secure Data Center Infrastructure Management (DCIM) solution for the operations and management of federal data center environments. Beyond providing the most secure solution, Nlyte has been enabling federal agencies with the tools and data necessary to fully optimize their data centers. Nlyte helps federal data center organizations comply with M-16-19 (DCOI), Executive Order 13693, Planning for Federal Sustainability in the Next Decade (EO 13693), and is often the cornerstone of the customer’s IT modernization strategy. More recently our federal clients are addressing their cybersecurity hygiene with our best-in-class DCIM software.
New security threats are being continuously identified which necessitate the latest firmware and software patches to be applied, in order to properly address these vulnerabilities. Many organizations lack a comprehensive list of hardware, firmware versions, and software – potentially opening systems to risk. Over the past several years, there have been multiple programs and guidance released to help improve the security hygiene of the federal government information technology including the Continuous Diagnostics and Mitigation Program and the Executive Order 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure (EO 13800).
The CDM specifically requires agencies to inventory the hardware (HWAM) and software (SWAM) on their networks. The Nlyte data center software solution stack has been reviewed by DHS as an “approved” product to address these areas of the CDM. Nlyte’s DCIM software solutions are designed to provide organizations with a complete understanding of and governance over the devices and software in their compute environments. This in turn, helps to guarantee the integrity of assets and to harden the security posture of the organization.
Nlyte allows agencies to manage and strengthen the chain-of-custody of all data center assets from procurement through decommissioning. In addition, Nlyte provides a holistic understanding and baseline of all of the resources connected to the network and a centralized solution to allow organizations to govern all changes occurring at the physical level of the IT infrastructure. By doing this, government agencies have the means to determine what assets could be at risk and which are being modified, moved, decommissioned, managed, unmanaged, and or even mismanaged. Baselining the current state of hardware on the network and managing all planned/approved changes empowers organizations to evaluate if unplanned changes/adds, whether benign or malicious, have been introduced into the compute environment.
In addition to providing an inventory of the agency’s physical hardware assets, Nlyte supports the agency’s ability to bring their software inventory under management. Nlyte delivers an agentless solution that provides agencies a repository including all hardware, software, configuration, services, and circuit information. Nlyte extends its discovery and asset repository beyond the data center including all attached devices to the IP network (Cameras, IoT devices, Printers, Copiers, Fax, etc.) regardless of the operating system (i.e. Microsoft, Linux, UNIX, MAC).
EO 13800 mandates that agencies are to maintain reliable, redundant, and resilient systems, assess and address their electricity disruption incident response capabilities, identify and resolve known vulnerabilities in operating systems and hardware, and adhere to the NIST Cybersecurity Framework. While many DCIM vendors only focus on the IT asset management needs of data center operators, Nlyte provides a single solution that bridges the IT and Facilities teams who manage the data center environment.
This includes providing advanced monitoring and alarming capabilities to track energy and environmental metrics for identifying, mitigating, and responding to potential vulnerabilities, all in accordance with EO 13800 and the NIST Framework.
Nlyte goes beyond providing real-time telemetry on the equipment in an agency’s data center. We arm our customers with the ability to establish alarm thresholds that, if crossed due to a power or cooling incident, kickoff predefined workflows (that can be connected to any change management software solution) to notify and mobilize the appropriate personnel to respond immediately. The Nlyte solution also provides power failure simulation capabilities to identify potential redundancy vulnerabilities and determine what systems may be impacted by power or device failure. These simulations ensure maximum uptime by proactively analyzing the results of potential failures before they happen. Additionally, they ensure that the agency is doing as much as possible to provide reliable, redundant, and resilient systems (let alone avoid costly downtimes).
In light of this Administration’s technology agenda to leverage data as a transformative asset while ensuring accountability, the Federal Government is affording its agency ecosystem the opportunity to integrate commercial information resources as a springboard for IT infrastructure modernization. Moreover, given the emphasis on cloud-first strategies teamed with an integrated approach to mission-delivery, the Data Center Optimization Initiative (DCOI) promotes data transparency opportunities for agencies and ultimately showcasing efficiencies to citizens.
In the age of tighter scrutiny on federal IT budgets and increased cybersecurity threats, Nlyte is proud to provide a foundational solution to help our government clientele address so many of the federal IT modernization goals that they are implementing in support of our Nation.