Q

Data at rest security

Keeping data safe has to be a top priority for storage VARs. Data at rest is just as important to keep safe as data in flight. Randy Kerns offers some advice to help keep it secure.

This Content Component encountered an error
What security features should be included in a data at rest storage product?
Before considering what features should be in a data at rest storage product, a few more important items must be dealt with.

  • Is the storage removable? If so, there are more opportunities for problems. If the data is transported off site and physical control of the storage is turned over to an outside party, then some form of encryption may be required if the data is sensitive.

  • Is there physical security where storage system and data reside? If not, this needs to be resolved first.

  • Is the storage product equipped with prudent administrative controls? Are the number of people who have access to the data limited based on skill and role-based passwords, access controls lists, etc? Protecting data in a system is about controlling access. This happens primarily from the application standpoint because the data is meant to be used for processing.

Protecting data at rest that is not removable is about controlling access. Encrypting data at rest in an active storage system may not protect the data if the normal application access path is used -- the encryption may be useless without security around the application access. Also, encryption and other security measures come at the price of more operational expense such as managing keys and access controls. These require more staff, most product costs, and the barriers may significantly impede some normal operations.

Security is an overall system issue that starts with the quality of the personnel involved. It can't be looked at from a device perspective without addressing all of the other issues first.

This was first published in January 2007

Dig deeper on Data Backup and Data Protection

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close