This article can also be found in the Premium Editorial Download "Storage magazine: What to do when storage capacity keeps growing."
Download it now to read this article plus other related content.
|Top five storage security technologies|
First line of defense
Although external identify theft is grabbing the headlines, TheInfoPro's survey respondents fear internal threats more. "Three-quarters of the respondents consider threats inside the network to be greater than external threats," says the firm's Stevenson. In particular, they were concerned with unauthorized access to sensitive data and the ability to transfer sensitive data, such as slipping a gigabyte of confidential data out of the organization on a tiny USB device attached to a keychain.
Access control and identity management therefore represent the first line of SAN defense. The goal is to hinder unauthorized people from gaining access to your storage management tools and devices. This requires the ability to authenticate users or systems trying to gain access and grant appropriate authorization.
"Who do you allow to access your SAN? Access control is the first step in SAN security," says Scott Robinson, chief technology officer at Datalink Corp., a Chanhassen, MN, storage systems integrator. Approximately three-quarters of TheInfoPro respondents identified access control as either extremely important or very important in securing their storage (see "Top five storage security technologies").
"Management tools are the biggest threat to your SAN. Once people gain access to your storage management tools, they can do almost anything," says Greg Schulz, founder and senior analyst at StorageIO, a storage industry research firm in Stillwater, MN.
This was first published in June 2006