Home » The Art of Data Protection » Storage Needs Security, Too! 3 Common Mistakes
Storage Needs Security, Too! 3 Common Mistakes
March 30, 2012, 10:05 am EDT
By Chris Winter, Director of Product Management, Storage Security Solutions
Even small organizations have hundreds of thousands of files – databases full of HR information, financial data or competitive research – that could be dangerous in the wrong hands. Many organizations know that security is necessary, especially if there are compliance mandates, but with all the different solutions, it’s difficult to know which solution is right for you. I’ll give you three common mistakes organizations make when trying to secure storage, and one solution (coincidentally from SafeNet) that solves many of the issues organizations face with the other 3 options.
Three Common Mistakes
- 1) Relying on FDE drives. FDE (full disk encryption) drives sound great – a drive that encrypts itself? Sign me up! But in reality, they don’t give organizations the kind of control needed to comply with regulations, or prevent employees from accessing sensitive information. For example, if the HR folder and the Finance folder are stored on the same disk or disk array, employees in finance could have full access to HR files, and vice cersa. FDE ensures that if the drive is physically removed from the data center, no one can access the information. But it does nothing to protect credit card, patient info, employee records, or executive meeting notes from employees within the organization.
- 2) Choosing a solution that requires an agent on every client (user or application). This results in thousands of clients each with their own agent, which turns into a management nightmare.
- 3) Choosing a solution that performs encryption in the switch itself. While this is highly effective, it’s also extremely expensive, and requires a forklift upgrade to your infrastructure. If you’re willing to spend the money, go ahead! But there are solutions that are just as effective for a fraction of the cost.
My Recommended Solution
Here at SafeNet, we’ve looked at all these common mistakes and come up with a solution that addresses the issues. Visit us at Storage Network World in Booth #517 April 2-5 in Dallas, Texas for a never-before-seen preview of our upcoming storage encryption solution, StorageSecure, as well as KeySecure, the industry’s first hardware-based enterprise key management platform.
If you can’t be at the show, StorageSecure is the only hardware-based storage encryption solution that’s completely transparent to the users. It enables compliance and confidentiality, can be installed in as little as 4-8hrs, has low management requirements, and allows granular ecryption to the file & folder level. Each individual user and application can have their own encryption key (easily managed with KeySecure), so folders – and even documents – can be locked down by individual user, preventing rogue admins from running amok. Or just enabling you to pass that next audit. No matter what your storage encryption needs, StorageSecure gives you control of your storage.
Back to The Art of Data Protection blog homepage.This entry was posted in Crypto and tagged agent, CIFS, client, ethernet, FDE, full disk encryption, NAS, NFS, SAN, Storage, storage security by SafeNet. Bookmark the permalink.
Andrew Gertz May 15, 2015, 04:25 pm UTC
Stephen Helm June 3, 2014, 10:30 am UTC
Andrew Gertz April 15, 2015, 03:27 am UTC
Doron Cohen March 13, 2013, 08:15 am UTC