This article can also be found in the Premium Editorial Download "Storage magazine: Tips for lowering the cost of storage support contracts."
Download it now to read this article plus other related content.
I was pretty shocked at the time and decided something had to be done. In March 2004, I responded with a storage security manifesto that outlined 42 security-related product features, storage architecture considerations and processes users should demand from vendors. I was proud of this effort until I realized that I was the only one who thought it was valuable. Storage professionals and vendors scoffed at the notion that security was an issue. Everyone went on their merry way while I became the storage industry equivalent of Chicken Little.
But things have changed. Between the string of visible data breaches and regulatory compliance, the storage crowd woke up to the fact that security was a requirement. As storage professionals put the heat on vendors, the industry reacted. Network Appliance (NetApp) bought Decru. The Storage Networking Industry Association pushed security protocols. EMC grabbed RSA Security.
These were all positive steps, but there was still something lacking, namely a visible commitment to security. I was always longing to see a storage company that would integrate security into its internal culture and make it a pervasive part of the product design, code development and customer-support processes.
This was first published in May 2007