With data threats and security breaches at an all time high, protecting data both at rest and in flight is a major concern for organizations around the world. Today, terabytes of business-critical data sits in storage networks around the world. For the most part this data is housed in cleartext format and remains unprotected from unauthorised or inappropriate access by insiders – such as company employees or contractors – and outsiders, including hackers. As a result, protecting data from misuse is a critical requirement for all organizations.
Securing data is also a key concern as organizations seek to grow their businesses and increase efficiency. By locking down sensitive data, organizations can consolidate storage, protect business critical information such as source code and even outsource securely if needed.
However, not all security solutions are created equal. Before selecting a storage security solution, organizations must evaluate their options based on the following criteria.
1. Iron-clad security – An organization's security is only as strong as its weakest link.
• Hardware-based encryption and key management is critical. Encryption hardware must be physically tamper-resistant. In addition, key management is often the weakest component of encryption systems. Encryption keys, tickets, and credentials must not be exposed in cleartext in an open operating system – otherwise, the system is only as strong as the OS itself. Keys must be wrapped in encryption whenever they are exposed outside of secure hardware. Key management systems must automate key backups to ensure that hardware failures are easily recoverable.
• Storage security solutions must employ industry-standard, strong encryption algorithms such as AES, SHA, and ECC. Because stored data must be kept confidential for decades, sufficiently AES 256 should be used. Further, encryption algorithms must be exportable to all major industrialised nations.
• Storage security solutions must provide tamper-evident logs of sensitive administrative and user actions, including file accesses. Administrators must not have the ability to erase or modify logs without detection.
2. Fast and invisible -- Deployment of a security solution must be transparent to existing infrastructure, applications and workflow. It must not require custom integration with applications, servers, or desktops, and must be easily deployed without taking key applications offline. Further, storage security platforms must provide multi-gigabit throughput and sub-millisecond latency performance to support mission-critical applications.
3. Works everywhere -- Organizations manage enormous amounts of sensitive data across heterogeneous environments. A storage security platform must provide a single, integrated platform for securing data, regardless of where it resides (NAS, DAS, SAN, tape).
4. Low maintenance -- Storage security solutions must be easily and securely managed via Web and CLI interfaces. Clusters of devices should be manageable as a group, and common tasks should be scriptable. Compatibility with SNMP monitoring is required. Administrator access should be secured by two-factor authentication (e.g. password and smart card or other token).
5. Agent software is optional -- The cost and complexity of deploying agent software across thousands of desktops and servers is substantial. Moreover, the wide variety of operating systems and versions, as well as ongoing updates and patches, makes this approach unreliable for stand-alone enterprise-wide deployment. The solution must be deployed with an appliance – the hardware should perform all primary functions transparently with optional features delivered in software agent format.
6. Compartmentalize – Increasingly in today's environment, cost and manageability concerns are driving consolidation of applications onto shared storage systems. Storage security solutions must provide the ability to cryptographically compartmentalise data on shared devices or networks, and customise access controls and security requirements for each "vault." This is particularly important in protecting data from the risk of insider theft.
7. Granular access controls – The storage security platform must combine back-end encryption with authentication and granular access controls for users and applications. Per-user and per-file ACL support are required for NAS environments. The platform should integrate with existing authentication and directory services including Active Directory, LDAP, and NIS.
8. Plays well with others – The storage security platform must interoperate seamlessly with all major operating systems, network vendors, and storage vendors. Interoperability testing and certification with major vendors, such as IBM, HP, EMC, NetApp, Hitachi, McDATA, Brocade, Veritas, Legato and Cisco is highly desirable.
9. Tried, tested and true – Encryption algorithms and implementations must have been validated and certified by third-party evaluation labs. Official certifications such as FIPS 140-2 Level 3, NIST encryption certification, and Common Criteria are highly desired.
10. When All Else Fails – In case the worst happens, sensitive recovery operations must be protected by security measures such as two-factor authentication and quorum requirements (the "two-man rule").
The author work for Decru, which will exhibit at Infosecurity Europe 2005 in London, April 26-28.