This article can also be found in the Premium Editorial Download "Storage magazine: Who owns storage in your organization?."
Download it now to read this article plus other related content.
No doubt about it, the ILM vision provides some valuable storage-focused qualities. But will it be secure? Hey, I can't help it--we security geeks look at new technologies and ask questions like, "What kind of damage could I do?" And of course, "How could I cover my tracks so I wouldn't get caught?"
The unfortunate conclusion I have come to is the current ILM plan either minimizes or totally ignores security, and this isn't a small snafu--it's a major omission.
According to a recent Price Waterhouse survey, corporate executives state that more than 70% of a company's market value lies in its intellectual property (IP). What's more, IP theft can be extremely costly. According to the 2003 Computer Security Institute/Federal Bureau of Investigation (CSI/FBI) security survey, "theft of intellectual property" was identified as the costliest type of security breach (by 35% of respondents) followed by denial of service attacks (33%), viruses (14%) and insider
So what's the security concern with ILM? Imagine that it's 2007 and ILM provides services for functions such as data movement, infrastructure management, meta data tagging and policy management. ILM further presents a centralized view of the information assets and infrastructure, regardless of where the information actually is stored. Skilled hackers could attack this architecture in several ways:
- Direct attack on the ILM infrastructure. Assume that ILM will coordinate activities via IP over LANs, WANs and the Internet. This makes sense, given the preponderance of IP services and IP storage momentum. The problem here is that IP communications mean many network and application layer security vulnerabilities may leave ILM exposed. If hackers gain access to ILM, they could discover administrator passwords so that illicit activities would look like the activities of a legitimate storage administrator. They could alter policies so that important corporate data could be deleted immediately. They could also corrupt the meta data repository, destroying important information attributes or steal valuable data to extort money or sell it to the highest bidder.
- Sniff the network. As ILM distributes the control and data paths over geographic distances, it will become a sitting duck. Hackers could sniff the network and have access to a treasure chest of information. Worse, they could alter information by using a man-in-the-middle attack. After being paid off by an unscrupulous competitor, a network administrator could intercept ILM information and alter policies so that critical data could be marked for deletion. This would certainly cause a serious business disruption.
This was first published in May 2004