storage security

Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks - and unavailable to other entities. These parameters can apply to hardware, programming, communications protocols, and organizational policy.

Several issues are important when considering a security method for a storage area network (SAN). The network must be easily accessible to authorized people, corporations, and agencies. It must be difficult for a potential hacker to compromise the system. The network must be reliable and stable under a wide variety of environmental conditions and volumes of usage. Protection must be provided against online threats such as viruses, worms, Trojans, and other malicious code. Sensitive data should be encrypted. Unnecessary services should be disabled to minimize the number of potential security holes. Updates to the operating system, supplied by the platform vendor, should be installed on a regular basis. Redundancy, in the form of identical (or mirrored) storage media, can help prevent catastrophic data loss if there is an unexpected malfunction. All users should be informed of the principles and policies that have been put in place governing the use of the network.

Two criteria can help determine the effectiveness of a storage security methodology. First, the cost of implementing the system should be a small fraction of the value of the protected data. Second, it should cost a potential hacker more, in terms of money and/or time, to compromise the system than the protected data is worth.

This was last updated in September 2005

Continue Reading About storage security

Dig Deeper on Data storage management