Product category: Training Aids and eCommunication
News Release from: Storage Expo | Subject: Storage Expo 2006
Edited by the Manufacturingtalk Editorial Team on 18 September 2006

Data Storage Security

Today, industry trends are forcing security in the data centre to be re-thought. In particular, the trend towards consolidation results in increasingly centralised data storage, which in turn creates new security vulnerabilities.

It is commonly understood that the majority of security breaches originate from an internal rather than an external source.

According to the FBI and the Computer Security Institute, 50-80% of all attacks happen from inside company firewalls.

Of those companies surveyed, 73% of them reported that they'd experienced some form of internal security breach over the past year.

Within a consolidated data centre there is often little separation between the people who manage the data storage devices and the information that sits on them, which gives those people unrestricted access to sensitive data.

This means that an organisation's security may be well ordered from a user perspective but wide open to third parties such as short-term technical consultants and technical staff within the data centre.

There are now devices that encrypt data as it moves into the storage environment, divorcing the administration of the data storage devices from the ability to make sense of the information stored on them.

This function will certainly migrate to storage endpoints, alleviating the need for encryption appliances to be fitted into the network.

As vendors bring these devices to market, encryption itself ceases to be the security challenge; instead, encryption key management becomes the security challenge that has to be dealt with.

Encryption is based on an exchange of keys which allows those in possession of the key to make sense of encrypted data.

However, in this new environment, the types of key used will vary enormously between vendors' encryption methodologies, and as a result the number and variety of keys that will need to be managed will grow.

As the name implies, encryption keys perform much the same function as the keys for a workplace where the variety of keys for different locks and lock types must be managed.

In the workplace this is often done by having a key box with secure access by an approved individual, who can then 'sign-out' the keys to authorised personnel.

Much the same system needs to be applied to encryption keys but the challenge here is that there will inevitably be a greater variety of key types to manage and the security system may need to be more complex.

There is also the challenge of flexibility as rights of access are assigned and reassigned to reflect organisational change.

What will be required to achieve this is secure, automated, and open (not restricted to any key type or encryption methodology) key management systems.

Encryption key management today tends to be an entirely manual process.

This scenario creates potential for administrator error, especially in critical situations such as disaster recovery where the pressures on an individual can lead to mistakes.

The solution can only be to automate all the essential operations to do with key management - on a secure platform.

The issue of a secure platform is of particular importance because it represents a 'hidden' security challenge: how to control access to the computer system that holds the keys, when well-known operating systems have well-publicised security loopholes which can be exploited.

As you can imagine, this situation has not gone unnoticed by manufacturers of security equipment, and today we are starting to see the emergence of first-generation automated key management systems.

These are based on a secure platform with multiple levels of controls for allowing or denying access.

In this way a policy can be set which, unless changed, will function error free even in the most testing of situations and which can be seamlessly ported to a remote site as part of a business continuity strategy.

So, having slain the dragon of encryption, it looks like the knights of the IT industry are turning their attention to security management, without which IT security will remain vulnerable to human frailty.

Expect to see a lot more of this in the near future!

Zycko is exhibiting at Storage Expo 2006, the UK's largest and most important event dedicated to data storage.

Now in its 6th year, the show features a comprehensive FREE education programme and over 90 exhibitors at the National Hall, Olympia, London from 18 - 19 October 2006.
