Storage Magazine


Hot Spots
by Jon Oltsik
Issue: May 2004
I can't remember anything that's lit a fire under the industry as much as information life cycle management (ILM). The Enterprise Storage Group (ESG), Milford, MA, defines ILM as a series of technologies and processes that enable resource optimization, effective data protection and superior application performance. While ILM may be years away, it will likely involve a number of storage services that automate data movement based upon attributes such as business rules, operational policies and protection requirements.

No doubt about it, the ILM vision provides some valuable storage-focused qualities. But will it be secure? Hey, I can't help it--we security geeks look at new technologies and ask questions like, "What kind of damage could I do?" And of course, "How could I cover my tracks so I wouldn't get caught?"

The unfortunate conclusion I have come to is the current ILM plan either minimizes or totally ignores security, and this isn't a small snafu--it's a major omission.

According to a recent Price Waterhouse survey, corporate executives state that more than 70% of a company's market value lies in its intellectual property (IP). What's more, IP theft can be extremely costly. According to the 2003 Computer Security Institute/Federal Bureau of Investigation (CSI/FBI) security survey, "theft of intellectual property" was identified as the costliest type of security breach (by 35% of respondents) followed by denial of service attacks (33%), viruses (14%) and insider net abuse (6%).

So what's the security concern with ILM? Imagine that it's 2007 and ILM provides services for functions such as data movement, infrastructure management, meta data tagging and policy management. ILM further presents a centralized view of the information assets and infrastructure, regardless of where the information actually is stored. Skilled hackers could attack this architecture in several ways:

  • Direct attack on the ILM infrastructure. Assume that ILM will coordinate activities via IP over LANs, WANs and the Internet. This makes sense, given the preponderance of IP services and IP storage momentum. The problem here is that IP communications mean many network and application layer security vulnerabilities may leave ILM exposed. If hackers gain access to ILM, they could discover administrator passwords so that illicit activities would look like the activities of a legitimate storage administrator. They could alter policies so that important corporate data could be deleted immediately. They could also corrupt the meta data repository, destroying important information attributes, or steal valuable data to extort money or sell it to the highest bidder.
  • Sniff the network. As ILM distributes the control and data paths over geographic distances, it will become a sitting duck. Hackers could sniff the network and have access to a treasure chest of information. Worse, they could alter information by using a man-in-the-middle attack. After being paid off by an unscrupulous competitor, a network administrator could intercept ILM information and alter policies so that critical data could be marked for deletion. This would certainly cause a serious business disruption.
A disgruntled employee could also try to disturb ILM processes by launching a denial-of-service attack--an ICMP or TCP flood would do just fine. This kind of security event would be a nuisance rather than a disaster, but it would likely have a negative impact on the storage administrator's weekend plans.
All Rights Reserved, Copyright 2000 - 2008, TechTarget | Read our Privacy Policy