Ask the Expert

How do you avoid security problems?

We are implementing a storage solution with an ISP using EMC. We want to know what we need to control in order to avoid security problems, like access to disk information. Our platform is W2000 and NT 4. Thanks.

    Requires Free Membership to View

Wow! Security is such a huge topic... Realistically, the only way to address your concerns is in specifics. Someone should conduct a security review of your site and your ISP. There are all sorts of issues here: physical security, security of the connection, policies, etc.

In my experience, most networks have some vulnerability. The only thing that is guaranteed to change with an ISP is that the data is no longer on your premises. If you put your data in some else's facility then you know for sure that someone else has access to it. However, because of the nature of their business, most ISPs are more security conscious than most end-user organizations. Your data may be more secure at their site than in your sever room.

Internal to organizations, the most common issue is that permissions accumulate over time. People are given additional access to perform new tasks and do new functions while their old permissions never go away. Eventually large communities have all sorts of access that they don't really need or even use.

In the situation you mention, the Windows 2000 encrypting file system may be of benefit. By using it to automatically encrypt your remote data, you lessen the risks that accrue from giving others access to it.

Editor's note: Do you agree with this expert's response? If you have more to share, post it in our .dZROapaKemm^1@.ee83ce3!viewtype=threadDate>Storage Management discussion forum.

This was first published in February 2002

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: