Home
>Topics
>Data Protection
>Secure data storage
>What are some common mistakes and oversights when implementing storage encryption?

FAQ:

What are some common mistakes and oversights when implementing storage encryption?

SearchStorage.com

The first one that comes to mind is the assumption that if it's encrypted, then it's secure. I think this is a dangerous mindset. You know, encryption doesn't automatically mean security. It's all in how the encryption is implemented and managed. That's the big one, and I tend to see that most with management and less technical people. They hear that they've got laptop encryption or that they've got a hardened data center and they assume that all is well, but that's hardly ever the case. You actually have to validate that with tools and ethical hacking techniques.

Storage security information

Compression, deduplication and encryption: What's the difference?

Mobile device security in six simple steps

Five must-have storage security testing tools

I would also say there is a mindset that compliance doesn't really affect us. But, especially with regard to storage, compliance affects all of us in some fashion. Even if your industry isn't governed by a particular law or industry regulation, it still affects you in a downstream fashion through a business associate, a partner, service level agreement (SLA), etc. So, compliance has to be on your radar and management's radar.

Also, in most networks that I'm seeing, people don't have a clue as to what information they actually have. They also don't have a clue where it's stored or what security risks it's up against. So, if they don't know this stuff, they can't reasonably know what needs to be protected. I think the assumption is that everything that is sensitive is on servers or protected storage so there's not that much to worry about. This is wrong. I'm seeing vulnerabilities in these areas all the time. In any given network today, there are megabytes, if not gigabytes, of files scattered all across different hard drives and storage systems within the network. I think sensitive information is everywhere across the network, it's unprotected, and it's waiting to be compromised. And, a lot of people are oblivious to it in many cases.

Check out the entire Storage Encryption FAQ guide.

04 Oct 2007

Related glossary terms

Terms from Whatis.com − the technology online dictionary

Secure data storage

disaster recovery as a service (DRaaS) (searchStorage.com)
write through (searchStorage.com)
remote backup appliance (searchStorage.com)
Storage as a Service (SaaS) (searchStorage.com)
hard drive shredder (searchStorage.com)
storage security (searchStorage.com)
storage encryption (searchStorage.com)

Related Resources

2020software.com, trial software downloads for accounting software, ERP software, CRM software and Business Software Systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Resource Centers

Featured

Blogs

Conferences

Regional Seminars

FAQ:

What are some common mistakes and oversights when implementing storage encryption?

Related Content

Related glossary terms

Related Resources

More from Related TechTarget Sites