Stamp out NAS threats

Ezine

This article can also be found in the Premium Editorial Download "Storage magazine: New rules change data retention game."

Download it now to read this article plus other related content.

1
2
3
4
5
6
7
8
9

There are numerous threats to NAS data and many different ways to protect it. The trick is to find the right level of protection for the perceived risk.

NAS is vulnerable to many of the exploits that plague Windows-based systems: viruses, worms, unauthorized access, data tampering, snooping and IP spoofing. But even though NAS runs on ubiquitous Ethernet and TCP/IP transport protocols, it's fairly easy to protect. The tough part is finding the right level of protection.

Any good security framework contains multiple security layers. If one layer is compromised, the target of the attack is still protected by other layers. In the case of NAS, network perimeter security is the outermost shield that keeps unauthorized people out of your LAN and storage network. If an attacker penetrates your perimeter security, authentication and file-access authorization will prevent access to files and folders on the NAS; and unless an attacker can guess an authorized account and its password, your data will still be protected.

Prioritization and fortification of those areas with the highest risk is another guiding principle. It's important to secure each area appropriate to its risk by finding a balance between what's required and what's overkill. For example, while multifactor authentication using a password and token or biometric identification may be a requirement for financial firms, password authentication harnessing Active Directory with a strong password

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

policy is probably sufficient for most firms.

Audits are an often-neglected aspect of security. It's only through testing that you can ensure the security measures in place actually work. These NAS security areas need to be addressed:

Network security
Access control
Security updates
Malware
Encryption
Audit trails and security logs
NAS management

1
2
3
4
5
6
7
8
9

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in September 2007

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

More from Related TechTarget Sites

Solid State Storage
Virtual Storage
Cloud Storage
Disaster Recovery
Data Backup
Storage UK
Storage Channel

searchSolidStateStorage
- What are the goals of the NVM Express standard?
  
  Independent storage expert Marc Staimer discusses Nonvolatile Memory Express and what the standard is designed to accomplish.
- Law firm uses NexGen hybrid array to keep cases moving
  
  Ohio law firm uses a NexGen solid-state, HDD hybrid storage array to provide the IOPS needed to keep its litigation and e-discovery practices moving.
- The top three use cases for PCIe SSD
  
  Learn more about the most common applications of PCIe solid-state cards today in this Expert Answer from independent storage expert Marc Staimer.
Virtual Storage
- Startup CloudFounders builds open storage for VMs
  
  CloudFounders promises an open storage version of software-defined storage that supports OpenStack, Amazon S3 and VMware.
- 10 ways to improve virtual server storage
  
  Virtual server storage operations can have a profound effect on the storage network. Here are 10 ways to help ensure that your storage yields its best I/O for the VMs it supports.
- VMware market share is high in a small pool of virtualization
  
  Storage expert Jon Toigo explains how VMware is the market leader, and why virtualization growth statistics seem more impactful than they truly are.
CloudStorage
- Data durability guarantees shouldn't be big concern with cloud storage
  
  Data durability guarantees of cloud storage providers shouldn't be a big point of concern for customers; they're too tough to measure and enforce.
- TwinStrata bumps up CloudArray DR capabilities
  
  A new version of the TwinStrata CloudArray gateway can recover data and applications off the cloud for DR without having to rebuild servers.
- Hitachi Data Systems launches HCP Anywhere for online file sharing
  
  Hitachi Data Systems addresses online file sharing through HCP Anywhere as part of its Hitachi Content Platform (HCP) object cloud storage system.
searchDisasterRecovery
- Building a business continuity management system
  
  The business continuity management system is a framework for building and administering a business continuity program within an organization.
- Determining your organization's critical data
  
  In this video, Jon Toigo discusses the steps IT pros need to take to ensure they capture all of their organization's critical data.
- 'Time to data' measures success in your business continuity program
  
  In this Storage Decisions video, disaster recovery expert Jon Toigo discusses the major goals of a disaster recovery/business continuity program.
searchDataBackup
- The pros and cons of integrated backup appliances
  
  Find out whether integrated backup appliances with backup software, server and storage offer any benefits beyond ease of installation.
- Quantum vmPRO adds LTFS tape support, DXi V-Series gains capacity
  
  Quantum upgrades its vmPRO virtual machine backup appliance, supporting 24 TB of pre-deduped data and LTFS tape in a virtual appliance.
- Veeam Software adds WAN acceleration, tape support for VM backup
  
  Veeam upgrades its virtual machine backup software, building WAN acceleration and native tape support into Backup & Recovery v7.
searchStorageUK
- Dell cloud storage plans remain hazy
  
  News of a Nirvanix partnership filled in some details about Dell's cloud storage strategy, but the company still treats its cloud plans as a secret.
- Storage Radio: Riverbed Whitewater appliance chases enterprise
  
  In our latest Storage Radio podcast, SearchStorage.com editors discuss the Riverbed Whitewater cloud data backup appliance for enterprise backups.
- Finding data deduplication solutions for DR
  
  Deduplication is an important strategy for disaster recovery. Learn more about data dedupe solutions in this expert tip by Paul Kirvan.
searchStorageChannel
- Hitachi Data Systems Partner Program Checklist
  
  Learn the benefits of becoming a Hitachi Data Systems reseller partner with our Partner Program Checklist.
- Yosemite Technologies Partner Program Checklist
  
  Learn the benefits of becoming a Yosemite Technologies reseller partner with our Partner Program Checklist.
- CommVault, Inc. Partner Program
  
  Learn about data management software vendor CommVault, Inc.'s partner program in this standardized checklist.

All Rights Reserved,Copyright 2000 - 2013, TechTarget