Feature

What is Information lifecycle security management?

Ezine

This article can also be found in the Premium Editorial Download "Storage magazine: Lessons learned from creating and managing a scalable SAN."

Download it now to read this article plus other related content.

ILS obviously extends beyond the realm of storage professionals and technologies, but the storage gang plays a pivotal role in the entire process. Storage technologies will likely provide some key ILS components, including the following:

  • ILS POLICY ENGINES. As previously noted, once information is classified, protection schemes will be determined by business policies configured in a centralized policy engine. Given the work being done around ILM, it's likely that this policy engine will reside within the storage infrastructure. Policy rules will live within the data as it flows and changes.


  • TAGGING AND META DATA REPOSITORIES. To communicate and enforce ILS policies, structured and unstructured information must be "tagged" with a universally understood identity and set of policy rules. Again, storage vendors will be part of this vision, although the overall success of the ILS model depends on a set of tagging and meta data standards that ensure interoperability among vendors and data types.


  • SECURE FILE SYSTEMS. Distributed file systems will have to recognize and interoperate with policy engines, information identities and meta data tags. To enforce and monitor policies, disparate file systems (NAS boxes, PCs, mobile devices, etc.) will have to communicate back to central management as information is altered. When a financial

    Requires Free Membership to View

  • analyst changes the name of a confidential file on their PC, for example, the local file system will alert central management.


  • CENTRALIZED MANAGEMENT. If the storage tier contains a policy engine and a meta data repository, it will likely also house a centralized logging service. Logging is necessary to monitor data flow, access and usage at all times. Log files will be supported by event and incident management, as well as analytics for auditing and reporting.
The storage tier will likely share other functions such as encryption, key management and administration with other functional technology domains. For example, a confidential source-code file will be stored in an encrypted format, transported using layer-2/layer-3 encryption, and then encrypted again on a local file system. This process will happen seamlessly, based on the file's meta data and policies. Of course, ILS enforcement demands lots of integration, which will require standard, secure protocols and APIs.

Get ready for ILS
It's time the industry looked beyond technology and infrastructure and focused on how to secure the information itself, and that's exactly what ILS will do. At this point in time, ILS is a blue sky vision, but storage professionals should still pay attention. Securing the storage environment in isolation is important, but it remains focused on technology rather than on information defenses. Within ILS, storage professional and vendor roles will evolve into a superset of current responsibilities. This won't happen overnight and, of course, ILS may require an unprecedented level of vendor cooperation. On the other hand, some form of ILS is certain to come. I hope the storage world is ready.

This was first published in July 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: