Many people are using DevSecOps, which makes everyone in the organization responsible for security.For storage professionals, this means more attention to data storage security.
What is data storage security?
Data storage security is a subset of the IT security field dedicated to protecting storage devices and systems.
The storage network industry association (SNIA) dictionary provides the definition of data storage security:
Storage security: application of physical, technical, and administrative controls to protect storage systems and infrastructure as well as data stored in it.Storage security focuses on protecting data (and its storage infrastructure) to prevent unauthorized disclosure, modification, or destruction while ensuring the availability of authorized users.These control measures may be preventive, investigative, corrective, deterrent, restorative or compensatory.
SNIA also pointed out that the safe storage "also may be the last line of defense against opponents, but the premise is to store managers and administrators to spend time and effort to implement and activation of the available storage security control."
Ensuring correct data storage security is a prudent balancing act for store managers and administrators.They need to weigh the acronym CIA covers three main problems: confidentiality (confidentiality), integrity (integrity) and availability (the availability).They must protect sensitive data from unauthorized users, they must ensure that data in the system is reliable, but also ensure that the organization needs to access data in everyone can use these data.
At the same time, they need to be very aware of the costs and the value of the data.No one wants the data storage security system to end up being more expensive than the data they protect.However, organizations also need to have strong security systems to protect them, which requires potential attackers to spend more time and resources than the final value of the data.
Data security and data protection.
Storage security and data security are closely related to data protection.Data security mainly includes preventing the disclosure of private information to unauthorized persons.It also includes protecting data from other types of attacks, such as blocking access to information or altering the data to make it unreliable.
Data protection is more concerned with ensuring that data remains available after a vicious event, such as a system or component failure, or even a natural disaster.
In order to ensure the reliability and availability of information, and the need to recover from any events that might threaten the organization's data, data security and data protection overlap.Storage professionals often find themselves dealing with data security and data protection issues at the same time, and adopting some of the same best practices can help solve these two problems.
Data security and data protection are clearly overlapping issues.
Key drivers of data storage security.
Recent trends are increasing the interest of companies in data security.They include the following:
?Data growth - the amount of data stored in the global computer system roughly doubles every two years, according to research firm IDC.For companies, this means constantly adding new storage devices to meet business requirements.As reserves grow, they become more valuable as targets and harder to protect.
?Network attack growth - Verizon leaked report of 2018 data show that in 2017 found 53000 security incidents, including 2216 data leakage incidents, and this is only a small part of the actual events organization.A recent report from the UK government agency showed that the number of cyber attacks in 2017 was greater than in any other year.Almost every day, such news is reported in the news, which makes companies worry about their safety.
?The cost of data leakage - the cost of data leakage recovery is very high.Poirot Mongolia institute of the data reveal that cost 2017 study found that the security events that took place in 2017, the violations of the enterprise average incident loss of about $3.62 million, these costs can be a strong pressure to improve data security.
?Increasing the value of data - because of the rise of big data analytics, companies are more aware of the value of data than ever before.According to Gartner survey research institutions, large data analysis in recent years market growth at 63.6%, to 2020, the enterprise may cost $22.8 billion to buy tools, help them find valuable data.But in order for the analysis to prove useful, companies need to be able to ensure the authenticity of the data, which means that companies will invest more in security.
?Borderless networks - with the development of emerging technologies such as cloud computing and the Internet of things (IoT), companies now have more and more data than ever before.Enterprise networks no longer have the hard edge that organizations can use to define and protect against firewalls.Instead, they must rely more heavily on deep defense, including storing security to protect their information.
?Regulations - government departments are becoming more and more interested in data security and thus have enacted stronger laws.The eu's general data protection ordinance (GDPR) will take effect on May 25, 2018, forcing in the global business take stronger measures to protect customer privacy, at the same time also can affect storage security.
?The need for business continuity - 2017 is a record year for natural disasters in the us, highlighting the need for business continuity and disaster resilience.This drives the need for secure backup and other storage security technologies.
?DevSecOps - according to Forrester, a research firm, 63 percent of organizations have implemented DevOps, and another 27 percent plan to do so.Along with the development of the enterprise, more and more enterprises begin to more and more interested in its, DevSecOps to integrate security and method, and spreads the security responsibility throughout the organization, including data storage team.
Storage system vulnerabilities.
Another important driver of data storage security is the inherent vulnerability of the storage system.They include the following:
?Lack of encryption - although some high-end NAS and SAN devices contain automatic encryption, many of the products on the market do not contain these features.This means that the organization needs to install separate software or encryption devices to ensure that its data is encrypted.
?Cloud storage - more and more enterprises choose to store some or all of their data in the cloud.Although some people think that cloud storage safer than internal deployment of storage, but cloud computing has increased the complexity of the storage environment, and often need to store staff to learn new tools, and implementation of new procedures, to ensure that the data are fully protected.
?Incomplete data destruction - when data is deleted from a hard disk or other storage medium, it may leave traces that may cause unauthorized personnel to recover the information.Storage managers and administrators need to ensure that any data that is deleted from the store is overwritten and cannot be restored.
?Lack of physical security - some organizations don't pay enough attention to the physical security of their storage devices.In some cases, they do not consider the internal personnel (such as employees or cleaning team members) may be able to access the physical storage devices, and extract the data, thus bypassing all carefully planned based on the network security measures.
Data security best practices.
To address these technical trends and address the inherent vulnerabilities of their storage systems, experts recommend that organizations implement the following best practices:
1. Data storage security strategy - the enterprise should develop a written strategy to specify the appropriate level of security for the different types of data it has.Obviously, the security required for public data is much lower than that of restricted or confidential data, and the organization needs to have appropriate security models, processes, and tools to implement appropriate protection measures.These policies also include detailed information about security measures that should be deployed on the organization's storage devices.
2. Access control - role-based access control is a prerequisite for secure data storage systems, and in some cases multi-factor authentication may be appropriate.Administrators should also ensure that any default passwords on their storage devices are changed, and that users are forced to use strong passwords.
3. Encryption-data should be encrypted during transmission and at rest in the storage system.The storage administrator also needs to have a secure key management system to track their encryption keys.
4. Data loss prevention - many experts believe that encryption alone is not enough to provide comprehensive data security.They recommend that the organization also deploy data loss protection (DLP) solutions to help find and prevent any ongoing attacks.
5. Powerful network security - storage system does not exist in a vacuum, they should be surrounded by a powerful network security system, such as firewall, gateway anti-malware protection, security, intrusion detection system, and possible advanced analysis and security solution based on machine learning.These measures should prevent most network attackers from gaining access to storage devices.
6. Strong endpoint security - again, organizations need to ensure that they have appropriate security measures on their personal computers, smartphones, and other devices that access storage data.These endpoints, especially mobile devices, could be a weak link in organizing cyberattacks.
Redundancy - redundant storage, including RAID technology, not only improves availability and performance, but in some cases helps organizations mitigate security events.
8. Backup and restore - some successful malware or extortion software attacks are so completely disruptive to the enterprise network that the only recovery method is recovery from backup.Storage managers need to ensure that their backup systems and processes are appropriate for these types of events and for disaster recovery purposes.In addition, they need to ensure that the backup system has the same data security level as the primary system.
沒有留言:
張貼留言