Low-Tech Security
One thing I’m not an expert on is data center security. A story was relayed to me by one of my Sales Engineers that really got me thinking about the topic though.
A while ago we were installing BalancePoint in a new customer site. The customer has a fairly large data center with hundreds of servers. As he began with the installation he requested username / password credentials in order to collect data from a particular set of servers. The customer was eager to get us going so instead of waiting to go through a process to get us Akorri credentials he said we could use the same credentials they use for another product. He asked a coworker if he knew the username / password combination. Unfortunately he didn’t remember but offered to go get it. Now my Sales Engineer was expecting him to log into some database or other application to retrieve the needed information but instead he got up and walked over to a corner of the room where there was a safe. Yes, a real safe. He opened up the safe, riffled through a number of envelopes, retrieved one and brought it back. Opening the envelope he removed a slip of paper that had the handwritten username/password combination. He entered the information into BalancePoint and then returned the envelope to the safe.
As this story was being told to me I was chuckling. I was thinking to myself how low-tech; nobody would want to manage credentials that way. On my drive home from work that day I began to think about the story again. I do most of my best thinking on my 12-mile commutes to and from work! I was still thinking, wow, such a low-tech solution, but I was beginning to also think maybe it’s not such a bad solution. Just because it’s low-tech doesn’t mean it’s a bad solution. As a matter of fact it’s probably more secure than the high-tech alternatives. Credentials stored on shared media, no matter what type of encryption is used, can still be hacked and accessed. With the physical security of the safe the access control is very well understood. Also, backups of the data aren’t really needed. It’s much harder for slips of paper to get destroyed in a fireproof safe than it is for bits to get destroyed or corrupted on a computer system. I was beginning to convince myself that the credential security scheme they employed may not be so ridiculous after all. It’s ok to be low-tech. Right?
As I stated at the beginning, data center security issues aren’t something I’m an expert on. I’d be interested in hearing from the experts their thoughts on the topic. I might just go out this weekend and buy a safe for storing my own username / passwords in!