Breach – Preparing Cyber-Secure Storage for the Inevitable

The goal of cyber-secure storage is to eliminate attempts to breach an organization’s storage and access its data. The prior three blogs describe methods IT can take to better protect the organization’s data assets; however, despite all the best efforts, there is always a chance that a bad actor will breach the environment. A key capability of a cyber-secure system is its ability to provide information to IT, of a breach’s occurrence.

Most primary and secondary data protection storage systems provide limited protection from a breach. The extent of their cyber-proofing is, at best, encryption, which as discussed in previous blogs is not enough. These systems make matters worse by giving IT no indication of a breach.

IT needs an auditing and reporting feature built into all its storage systems. An auditing function or utility needs to provide a complete analysis of all user activity. The auditing function should identify users changing an unusually large number of files, which indicates a potential ransomware attack. It should also identify users that copy a large number of files to another device or another service. This could indicate a malware attack that steals data.

In addition to tracking users, the system needs to audit changes to volumes and file-systems. In a breach situation, a hacker may attempt to change the encryption keys for a volume or file-system. The auditing software should alert IT of that activity.

Real-time is Key

The auditing and reporting function needs to deliver its information automatically, in real-time. IT can’t manually run the auditing and reporting software, instead it needs to run continuously alerting IT to any problems. The real-time requirement also means integrating auditing and reporting capabilities directly into the storage software and not purchasing it from a third party after the fact.

Holistic Security

A single feature, like encryption, doesn’t make a system secure. IT needs to meet the cyber-security challenge head on by selecting a consolidated storage system with built in data protection and data management. A consolidated system keeps IT from having to manage multiple security methods and simplifies overall storage management.

The consolidated system, with built in data protection and management, provides the foundation for IT to then properly implement encryption. Implementation of data encryption needs to occur from the first time the storage system is powered up while ensuring no one can disable it. Selective encryption creates the opportunity for data insecurities and inconsistencies in performance.

Finally, it may be possible to compromise even the best system. The storage system needs to provide real-time alerting of user files and the status of volumes and file-systems.

StorageSwiss Take

As IT planners examine the concepts that create a cyber-secure storage system, they will also see that the same system solves many other problems. The cyber-secure system’s consolidation capabilities reduce storage management headaches while it’s built in data protection capabilities reduces pressure on the data protection process. Additionally, its ability to transparently move data to another system or to the cloud reduces the physical cost of the system and makes upgrades less likely.

Watch On Demand

Twelve years ago George Crump founded Storage Switzerland with one simple goal; to educate IT professionals about all aspects of data center storage. He is the primary contributor to Storage Switzerland and is a heavily sought after public speaker. With over 25 years of experience designing storage solutions for data centers across the US, he has seen the birth of such technologies as RAID, NAS and SAN, Virtualization, Cloud and Enterprise Flash. Prior to founding Storage Switzerland he was CTO at one of the nation's largest storage integrators where he was in charge of technology testing, integration and product selection.

Tagged with: , , , , , , , ,
Posted in Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 21,893 other followers

Blog Stats
  • 1,255,913 views
%d bloggers like this: