The main advantage of storage
Learn More
encryption in a SAN is the fact that it hardens the core of the network at relatively low cost. Multiple ciphers can be used for individual files, folders, or data volumes. In addition, two encryption arrangements can be used, one for data in transit and the other for stored and archived data. The ciphers, and the corresponding decryption keys, should be changed frequently.
Two criteria are said to help determine the potential effectiveness of any storage security plan. First, the cost of implementing the plan should be a small fraction of the value of the protected data. Second, it should cost a potential hacker more, in terms of money and/or time, to compromise the system than the protected data is worth. In this respect, storage encryption is often seen as an ideal solution. However, it is not completely foolproof, and is best used with other security measures such as hardware zoning. Because it works proactively, a relatively simple storage encryption arrangement can pay for itself in a short time. Storage encryption is an important element in what is referred to as deperimeterization.