National Institutes of Health Has Strong Data Center Security

October 1, 2012

The lifeblood of many government operations runs through the data center so it needs atypical physical and logical security.

The National Institutes of Health (NIH) data center, administered by the NIH Center for Information Technology (CIT), is a multi-system, federal data center that provides high-speed connectivity and host processing for the applications of NIH and other federal agencies throughout the United States.

In addition, CIT offers co-location services for customer-owned equipment, both on campus at the NIH Data Center and off campus in northern Virginia. The center provides a secure computing environment suitable for hosting critical applications and sensitive data. The data center’s staff members manage and monitor all host systems to ensure continued availability and effective operations. CIT’s security management program continually reviews and refines security operations.

As a federal government facility, the NIH data center abides by all federal government information security policies.

Physical and environmental controls protect the machine room itself from interruptions and unauthorized intrusions, and technical controls on all platforms provide the capability to protect applications and data from unauthorized disclosure and manipulation.

A security officer is stationed at the main entrance to the data center 24 hours a day, seven days a week. The center has a continuous power system, physical access control procedures, climate control, and a central backup and recovery system. Security management and operations procedures exist for all platforms to ensure the confidentiality, integrity and availability of customer applications and data.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.