Computer Information – Why Secure Storage Networks?
Computer Information – Storage networks are predominantly used by organizations to centrally manage their data, reduce hardware costs (cost of server hardware, software, installation, and maintenance) and downtime (when adding extra storage). Effectively manage storage resources, and overcome the problems of computational power and storage scalability that affect the ‘independent storage for each system’ approach. This network regularly uses it to store important information whose compromises can affect competitiveness, cash flow, profitability, compliance with legal and regulatory organizations, and corporate image.
Storage Area Networks (SANs) and Network Attached Storage (NAS) are the two types of storage networks that you use primarily. The two storage networks differ in various aspects; However, these two technologies build with functions in mind and not security. And are full of vulnerabilities that affect confidentiality, availability. And integrity of the information stored within these networks. Serious vulnerabilities exist within these technologies that could allow unauthorized, (and in various cases) unauthenticated access to stored information. The support for IP based connections, iSCSI in SANs, and IP connections in NAS increase the accessibility but also enlarges the attack surface.
Storage Area Networks (SANs) And Network Attached Storage (NAS)
Additionally, organizations often contract third party service providers for deploying and maintaining the storage infrastructure. In many cases, managing user permissions on the data also submit it to service providers. This adds to the number of personnel who could access the organizations’ data and the locations where the data can be accessed from (if management is outsourced. The storage infrastructure and data could be accessed from all locations where the support staff is based).
Storage vendors have recently started realizing the need for security. And are now bundling network storage devices features that help secure the SAN and NAS environments; however, these features are not configured as factory defaults. And the lack of secure storage configuration policies, standards, and guidelines at the organization/service provider level introduces considerable weaknesses in the storage network environment.
The security of storage is paramount due to the criticality of information stored. The abundance of security weaknesses in the technology and due to the ever growing compliance and regulatory requirements. The process of securing storage environments should start with strict organizational policies targeted towards storage networks. Safe configuration standards and guidelines you must then develop and enforce in line with vendor and industry best practices.
Related Post: Social Networking – Is it Better Than SEO?