How can I convince my network admin that data at rest is more vulnerable than data in transit?


It's easy for developers and network administrators to downplay vulnerabilities, but that's not reality. Data in transit can be vulnerable. Network analyzers can certainly capture data over the air or the wire, but there's no guarantee that the captured data would be useful.

However, an attacker on your network really poses bigger problems. I strongly believe that data at rest is really "where the goods are" -- storage is where information is present for the longest period of time, and this time gives the attackers the edge to pick and choose, copy and delete, and basically wreak havoc. Consequently, securing data at rest can give you the biggest payoff.

Listen to the Storage Security FAQ audiocast here.

Go to the beginning of the Storage Security FAQ Guide.

14 Mar 2007