What is storage security? What activities does it entail?

You could actually write a collection of books on this very subject. I define storage security as a set of technical controls, business processes and supporting documentation, including policies and procedures.

Requires Free Membership to View

that help to keep the bad guys out. By this, I mean external attackers and rogue insiders -- keep them out of the "crown jewels" of the network: the storage environment.

Storage security is really no different than any other type of information security. It involves the technology and a set of business practices, proper controls and ongoing testing to make sure company data is kept safe. Storage security specifically focuses on the storage environment, and by storage environment I mean NAS, SANs and DAS, which includes hard drives on servers, desktops, laptops, thumb [flash] drives and other mobile storage devices -- really anything that stores information as a business asset.

Storage security also extends outside of the network to include external users, such as customers placing orders online. Any entry point into the network and into the storage environment needs to be protected. All it takes for your storage system to become compromised is one remote user running on an unprotected wireless network without personal firewall software or the latest security updates to the operating system. Pay attention to all points of entry; no matter how obscure or indirect.

This was first published in March 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: