I love talking about security. I get to put on my black trench coat and my black fedora, and then soon after I open my mouth a piano falls on my head.
Mark from the Security Consortium took time to write me over the weekend:
Hi Bill,
With the multitude of threats facing IP based protocols and what seem to be multiple protocol solutions in the SAN space, how much impact do you think RFC 3723 is going to have on SAN security in the short term and in the long term?
-m
Hi Mark,
Forget what I said about complexity. What I really meant to say was, “Data protection should be the number one thought on everyone’s mind.” Seriously though, data protection is a major part of the “complexity” issue we’re facing today. We’re doing more with less, and let’s face it: we’re getting pretty good at it. Except when it comes to managing our data. The bottom line is we’re going to have to get better at data protection and we’d better do it tout de suite before someone else does it for us. Data growth is terminally out of hand, and when the ground gets wet, things are going to slip and fall. I joke about backups falling off the truck, but it’s no joking matter to the millions of consumers whose personal and financial data is lost in transit each year. With government regulations in the U.S., Canada, and the European Union driving compliance for data privacy and data retention, data security is not an issue that will go away on its own.
While proprietary solutions can in some cases reduce time-to-market, open standards in general tend to produce better products. This will always be good for customers, especially when it comes to security. End users need scalable encryption mechanisms with support for multiple protocols and for whatever storage platform they choose to purchase. I wager that the storage security battle you’re talking about will be won by the vendor or vendors who can provide the most protection in the most platform-independent fashion possible, while still providing ease of management and ease of use (all at the right price point). No small feat!
Obviously, one way to protect data on tapes is to encrypt it. But why continue physically transporting tapes from one offsite location to another? Why not move your data in a secure manner over the wire (via iSCSI, FCIP, or iFCP, using IPsec and IKE) to an offsite bunker environment for archiving and preservation? This is just one solution to consider. Depending on the nature of the business, there may be many others. The marginal increase in capex required to expand your network would be easily be justified by keeping you and your manager out of the next congressional hearing on consumer data loss.
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
