Oct 31 2013

The IT Monster in the Closet: Ghost Servers

Corporate data centers are haunted by unused servers that companies know nothing about.

Data centers and server closets are dark, cold and oftentimes, lonely places. So perhaps it’s not surprising that “ghosts” inhabit the space.

According to industry estimates, 15 percent of the servers in enterprise data centers are “ghost servers” — servers that are lightly or unused.

Why should companies be afraid of these IT phantoms? Because ghost servers are a serious drain on your resources.

In a guest post on Data Center Knowledge, Gary Bunyan, a global DCIM solutions specialist at iTRACS Corporation, elaborates on the origins of the ghost server phenomenon.

Why are these power-draining assets called “ghost” servers? Because they are ghosts of what a productive server is supposed to be, no longer of any practical use to the business.

Applications may have been migrated elsewhere to virtual servers, merger-and-acquisition activities may have shifted operations, or the servers may be at end-of-lease with applications removed. For whatever the reason, servers that were once useful are now dead weight. They need to be turned off.

Data center infrastructure management tools can help IT professionals pinpoint where these ghost servers are located and power them off so they don’t suck up energy and take up space.

But cost-savings is just one part of the equation. Ghost servers are also a dangerous vulnerability for businesses. In an article from 2006, Computerworld highlighted a specific instance where a ghost server was used in a spine-tingling data breach at Ohio University.

Someone hacked into an alumni database server and may have stolen personal information on more than 300,000 people and organizations, including 137,800 Social Security numbers.

It also turns out that, according to security logs, the server was compromised by early last year at the latest and that it was being used for a denial-of-service attack against an external target. In short, it was, as kids say, "owned." But that's still not the part that's so frightening.

Here's what's scary: Everyone thought this server was off-line.

That unpleasant testimony should be enough to inspire any IT worker to go ghost busting in their data centers as soon as possible.

Have you ever discovered ghost servers in your company’s data center? Let us know in the Comments.