This article can also be found in the Premium Editorial Download "Storage magazine: Lessons learned from creating and managing a scalable SAN."
Download it now to read this article plus other related content.
ILS obviously extends beyond the realm of storage professionals and technologies, but the storage gang plays a pivotal role in the entire process. Storage technologies will likely provide some key ILS components, including the following:
- ILS POLICY ENGINES. As previously noted, once information is classified, protection schemes will be determined by business policies configured in a centralized policy engine. Given the work being done around ILM, it's likely that this policy engine will reside within the storage infrastructure. Policy rules will live within the data as it flows and changes.
- TAGGING AND META DATA REPOSITORIES. To communicate and enforce ILS policies, structured and unstructured information must be "tagged" with a universally understood identity and set of policy rules. Again, storage vendors will be part of this vision, although the overall success of the ILS model depends on a set of tagging and meta data standards that ensure interoperability among vendors and data types.
- SECURE FILE SYSTEMS. Distributed file systems will have to recognize and interoperate with policy engines, information identities and meta data tags. To enforce and monitor policies, disparate file systems (NAS boxes, PCs, mobile devices, etc.) will have to communicate back to central management as information is altered. When a financial
- analyst changes the name of a confidential file on their PC, for example, the local file system will alert central management.
- CENTRALIZED MANAGEMENT. If the storage tier contains a policy engine and a meta data repository, it will likely also house a centralized logging service. Logging is necessary to monitor data flow, access and usage at all times. Log files will be supported by event and incident management, as well as analytics for auditing and reporting.
Get ready for ILS
It's time the industry looked beyond technology and infrastructure and focused on how to secure the information itself, and that's exactly what ILS will do. At this point in time, ILS is a blue sky vision, but storage professionals should still pay attention. Securing the storage environment in isolation is important, but it remains focused on technology rather than on information defenses. Within ILS, storage professional and vendor roles will evolve into a superset of current responsibilities. This won't happen overnight and, of course, ILS may require an unprecedented level of vendor cooperation. On the other hand, some form of ILS is certain to come. I hope the storage world is ready.
This was first published in July 2006