ITPro has written an article about the rise of storage security – how the rise in data retention has sparked the need to look at data security in all aspects of the data storage lifecycle.

Data now resides in many places: on the desktop computer, the laptop, the PDA, the email server, the USB drive, and on the phone. Data is constantly moving. So, that data must be protected so that it is not lost, destroyed, or that it does not fall into the wrong hands (data breach).

Encryption, while solving some hard disk security issues, has its own downsides. The cost to manage, the loss of the encryption key, the lag in the system are all issues that must be looked at. It is also only part of the data security picture. Other suggestions include:

  • Classify data - confidential information would be more restricted (a task best done with security and business people)
  • Don’t force security into existing infrastructure - the deployment should be planned, ideally along with a change in system architecture
  • Restrict access - along with classifying information, users should have role-based access to only the information they need to see
  • Be aware - use a security awareness program to sort out people and processes and to be alerted if the policy is breached in any way
  • Set a clear policy to guide employees – clear detail on how to handle files
  • Storage security is not off-the-shelf - there is no single catch all solution, and all technology requires management and enforcement.

The biggest key of this article is that it’s not just technology that will solve the issue – it’s people. It’s training and enforcement and management.

Technology does not remove the need to think about what data to protect, and that means communicating with the business owners around the organisation, and coming to a joint decision about how to proceed. It also means communicating in clear terms with users to ensure they understand why any of this matters.

Tags: , , , , , , ,

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • StumbleUpon
  • Technorati