News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Brian Garrett's picture
Brian Garrett

More posts | Read bio

March 9, 2006 - 9:52 A.M.

Storage Security in Steps

I was reading the March 13, 2006 issue of Business Week and stumbled across a fascinating article by Brian Grow on the emerging field of quantum cryptography.  Brian describes how particles of light, or photons, are  being used to intermingle "decoy" particles of light into an optical  data transmission stream using a private key known only to the sender and receiver.  Such transmissions aren't tamper-proof, but under the laws of physics, any attempt by hackers to inspect or insert photons triggers can be noticed.  This fascinating science published in the Feb 24th issue of Physical Review Letters got me to thinking about the steps that end users should be considering to secure corporate data assets.

My colleague at ESG, Jon Oltsik is known as the "chicken little of the storage industry".  Jon has been preaching for the past few years about the risks of poor storage security and the steps that end users can take.   Because of the many lost tape incidents in the news lately, most in the industry equate storage security with encryption. Jon suggests that there are many steps towards storage security and encryption is not always the answer.

Encryption is a very compute intensive task that can eat up lots of server CPU cycles.  Hardware dedicated to encrypting storage traffic solves that problem, but it is currently rather expensive and  only makes sense for tapes leaving the data center.  While we wait for encryption hardware to be commoditized and incorporated into storage devices, what's a data center manager to do?   Do we have to wait for the quantum physicists to master quantum cryptology?  Of course not – there are steps that can be taken today.

Start with physical security. In other words,  secure access to the data center where your disk arrays and tape libraries reside.  Change the default passwords on maintenance interfaces for storage arrays and switches.   Consider the use of new technologies like DLTSage Tape Security which was recently announced by Quantum. This feature can be used to "lock" a tape cartridge using a password ensuring that lost or stolen tapes can't be read by an unauthorized user.

We don't  need quantum cryptography to address the issue of storage security. Beginning with an honest assessment of risks and vulnerabilities, consider the steps that you can take today to secure your storage assets.  

 

Related Posts

The slow death of Fibre Channel?
Pervasive data protection in the corporate cloud
Shopping for single platter hard drives - Part 2
Los Angeles goes Google; dumps GroupWise; shuns Microsoft; ignores IBM

Today's Top Stories

IE9 to tap hardware to boost performance
Free Web apps to help organize your holidays
Report: Microsoft may pay News Corp. to delist from Google
KT to sell iPhone in South Korea
New attack fells Internet Explorer
Google's Chrome OS hits BitTorrent
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.