A Night to Remember: Engineering Lessons from the Titanic

2825

titanic

Some 31 years ago, the RMS Titanic was discovered resting on the ocean floor.  The legend of its sinking has been retold many times in books and movies.  One compelling aspect of the story is the safety claims made by its creators.  Even as reports of the disaster began to filter into New York, the vice president of the White Star Line stated, without qualification, “We place absolute confidence in the Titanic.  We believe that the boat is unsinkable.”

Obviously reality betrayed those maritime engineers’ confidence.

What lessons might this famous disaster teach engineers in modern data centers? In particular, how do we prevent hostile attacks—the “icebergs” that lurk on the seas we sail—from causing catastrophic breaches?

The confidence of the designers was not completely unfounded.  The ship was divided into 16 compartments, each of which could be isolated by watertight doors.  Up to four could have flooded without sinking the ship.

Data center networks follow a similar principle, called segmentation, with logical divisions designed to protect servers from attack.

Unfortunately, the Titanic bulkheads did not run high enough, so water began to spill from one to the next.  The threat came first from outside the hull, but then increasingly from adjacent compartments.

Likewise, data center engineers increasingly recognize that threats don’t just come from outside, so called “north-south” traffic from external access to enterprise web servers.  They can also come from inside, hostile “east-west” traffic from compromised servers probing for further vulnerabilities.

Normal “east-west” traffic includes, for instance, a customer-facing application querying an internal database to retrieve account information.  But allowing such queries to flow without restriction would be as dangerous as a ship without any bulkheads.  Instead, data centers are increasingly divided into smaller sealed compartments, an approach called microsegmentation.

Automation essential

In 1911, Shipbuilder magazine reported: “The Captain may, by simply moving an electric switch, instantly close the doors throughout and make the vessel practically unsinkable.” While some automatic controls were also available, such reliance on human intervention can become a weakness during the chaos surrounding actual emergencies.

In data centers, such a manual approach corresponds to opening tickets to prompt human operators to open or close firewall settings. That’s not much better than the telegraph from the bridge to the engine room, signaling “Full astern!” as disaster looms ahead.

A more modern approach is to assign each server to an appropriate security group automatically at the moment it’s created, with predetermined settings limiting connectivity only to what is absolutely required. Such an automated approach becomes increasingly necessary to secure thousands of applications, especially as they’re further divided into component microservices.

Of course, the human element remains important, even if people are no longer involved with every transaction. One recommendation from the British report on the Titanic disaster stated: “That the men who are to man the boats should have more frequent drills than hitherto. … Such drills to be recorded in the official log.”

Such directives sound familiar to anyone involved with ongoing security certifications of a modern data center, though admiralty rules has been replaced by Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS).

The senior wireless operator aboard, Jack Phillips, stayed at his post until the end, seeking help from other ships in the area. Afterwards a colleague wrote about his late colleague, “I suddenly felt a great reverence to see him standing there sticking to his work while everybody else was raging about.”

Anyone who’s experienced a data center breach can easily imagine the raging and also understand the need for sticking to the work.

Learning from history and taking steps in advance can help avoid cybersecurity disasters before they happen. Increasingly network security will rely on micro segmentation and automated security groups, along with ongoing training and vigilance.

Heeding the lessons of the Titanic can help modern data center engineers avoid and mitigate fateful encounters with unforeseen menaces, and ensure the only ice they encounter is clinking gently in a glass of their favorite beverage.

Did you subscribe for our daily newsletter?

It’s Free! Click here to Subscribe!

Source: Network World