Data security services: Physical and logical data security strategies

Data security services should be provided to companies of all sizes grappling with issues involving both logical and physical storage security.

Greg Schulz, StorageIO Group

Data security, including logical security (authorization, authentication, encryption and passwords) along with physical security (locked doors, surveillance or access control), has traditionally been associated with large enterprise applications or environments with sensitive data. The reality is that given increased reliance on information and data privacy awareness, data security is an issue of concern for all environments.

As a storage reseller, integrator or services provider, your options for selling services around physical security range from security assessment and site reviews, to installation and integration of various hardware, software, network and facility components:

More on data security services
Defining data security vs. data protection


  • Video surveillance, systems including still and moving image
  • Configuration change tracking, management and validation
  • Monitoring facilities and storage technologies equipment, temperature, ventilation, power and other alerts
  • Physical access control, authentication and monitoring, including card key or biometrics scanning systems
  • Locked or secured access cabinetry for servers, storage and networking gear as well as secured access to cabling and patch panels
  • Recovery of damaged media, including CD, disk and tape
  • Secure disposal and disposition of retired IT equipment and media
  • Asset and media tracking, including implementation of RFID-enabled tape volume labels, RFID scanning of tapes and removable disk drives (RDD) and GPS-enabled tape case tracking

The above is a representative list of technologies and services that you can directly provide, or partner with others to provide in order to help address your customers' physical data security issues. If you have no experience with security, then partnering with another provider or data security specialist would certainly be a means of getting some experience and developing additional service and solution offerings. Or, you could hire someone with experience to align with the type of data security services you want to provide. You could also engage with a data security consultant or contract-based person or organization to help develop your experience and security-related offerings. Yet another approach is to partner with security hardware or software providers and leverage their expertise. The caveat is that you obtain the proper experience to match the applicable security offerings you plan to deliver.

While logical data security may get headline coverage -- for example, encryption, key management, intrusion detection and forensics -- physical data security will continue to be an important part of any organization's total data security strategy. As a channel professional, there are certainly many opportunities to think outside the box to devise and deliver new data security services to your customers.

About the author:: Greg Schulz is founder and senior analyst of the independent storage analyst firm the StorageIO Group and author of the book Resilient Storage Networks (Elsevier).


Dig Deeper on Storage Backup and Disaster Recovery Services