Going green is good, but is it secure?
Zero carbon doesn't have to mean vulnerable
Quocirca's changing channels The environmental impact of IT is an issue under much scrutiny recently, but not much thought seems to have been given to the security consequences of "going green".
Having thought it over, Quocirca has come up with an answer. There are two broad themes that affect the job of chief information security officers (CISOs) if businesses are serious about greening their use of IT.
The first is a positive one: on the whole more IT infrastructure should end up housed in more resilient and secure data centres; the second is more negative - from the CISOs view point at least - businesses will have to accept, indeed embrace, even more open and flexible use of IT, often requiring access over the internet.
Greening IT requires three issues to be addressed: facilities, infrastructure, and usage.
By facilities we mean the locations where IT is used – data centres, offices, and in the field. The latter two are harder to control, but a data centre has the potential to be managed very efficiently, where there is a will.
Twenty-first century data centre design is all about efficiency, and fortunately that can also mean green. Efficient cooling, minimising energy requirements, and reuse of heat have been covered in other articles by Quocirca. All save power costs and reduce CO2 emissions. A lower carbon footprint is good – but what about zero carbon?
To be clear, zero carbon is different from carbon neutral. It means deriving all energy requirements from sustainable power sources, not just offsetting those of dirty power derived from fossil fuels – coal, oil, and gas. Putting nuclear power to one side for now, this means hydro, wind, solar, tidal, and geothermal power. Making use of such power sources is already a reality.
Google is building new data centres in remote locations near hydroelectric schemes. Yahoo! is talking about locations such as Switzerland and Iceland. UK co-location provider Centrinet has a carbon zero data centre in remote and windy Lincolnshire. These data centres are located close to power generation as it is more efficient to transmit data than electricity and there is less competition from other human activity. In the future, who knows, solar powered data centres in the Sahara?
This is all possible, but the remoteness of such zero carbon power generation locations makes them a long way from users. So while such locations are quite easy to make physically secure and will provide a resilient infrastructure for housing IT, the data they generate will have to be transmitted over long distances. For reasons we shall come to, this journey will often be over the internet.
Great, so long-term there is potential to make data centres zero carbon. There has also been much coverage of how to make the infrastructure it's housed within more efficient using consolidation, virtualisation, and so on. But surely there is as much power used by IT infrastructure scattered around offices and carried by employees in the field. Not much can be done about that, surely? Well yes, quite a bit actually.
First, power management applications can help in offices, although in the field you have to rely pretty much on the common sense of employees (often problematic – agreed). But there is plenty of scope for consolidating infrastructure into the "carbon friendly" data centre.
Many workers only use IT in the office and can be served by thin-client computing or blade PCs run out of data centres, considerably reducing the use of power at the desktop. Branch office computing requirements can also be served out of data centres, reducing power usage and keeping network "heavy lifting" between "clients" and "servers" local to the data centre, rather than across wide area networks (WANs).