Storage Management Strategies for the CIO
This article can also be found in the Premium Editorial Download "Storage magazine: Five ready-for-prime-time storage technologies."
Download it now to read this article plus other related content.
Trend 3: Storage meets security (finally!)
For the last two years, I've felt a bit like Chicken Little saying "The sky is falling," although as an analyst, I tend to come up with pithier statements like "Without security, information lifecycle management is DOA." After lots of blank stares, I'm certain that users and vendors now understand the requirements here.
On the demand side, the lost tape debacles at Bank of America, Citibank and Time Warner certainly served as an industry wake-up call. Because only 7% of storage professionals "always" encrypt their backups (an ESG research statistic), CIOs suddenly realized they were paying little attention to a significant risk. The press picked up on this security vulnerability, too, and suddenly my phone was ringing.
On the supply side, 2005 was an active year for security. NetApp sent a shot across the industry's bow by acquiring Decru. NeoScale Systems' storage security appliance sales took off, especially around encrypting backup data. Kasten Chase saw increased interest in its storage security technologies and services, while storage services expert GlassHouse introduced a storage security assessment practice. Other vendors like Hitachi Data Systems, Nexsan and Spectra Logic also jumped on the bandwagon with security-focused features, and EMC told the world that security would be incorporated into everything it does.
The momentum is certain to build next
Requires Free Membership to View
year. In the first quarter of 2006, the ANSI T11 committee will likely ratify the Fibre Channel Security Protocol (FC-SP) standard that will initiate a race to see which vendor can announce FC-SP-compliant products first. I also expect storage vendors to move beyond their myopic "storage security equals encryption" mindset and to beef up their products with things like syslog support, role-based access control (RBAC) and public-key infrastructure (PKI).
Let's not confuse opportunism with altruism, though. A storage vendor's main driver for adding storage security support is profitability and differentiation. As 2006 progresses, users will expect strong security in all storage products. As an IT manager told a senior guy I know at EMC, "We let you storage guys slide on security for a long time, but you can't slide anymore."
The bottom line
These three trends are the first half of my list; I'll expand on it further in my next column. In the meantime, users should prepare for these first few trends by spending time with their networking and security peers, scheduling adequate training for the entire storage team and setting up confidential road map meetings with their strategic storage vendors. Be ready to address regulatory compliance and data privacy issues as well.
On behalf of everyone at ESG, we hope you have a wonderful holiday season and a happy New Year. Spend some time with your family, go skiing and enjoy your time off. It's likely to be a busy year for storage in 2006.
This was first published in December 2005
Join the conversationComment
Share
Comments
Results
Contribute to the conversation