As data storage is increasingly networked to allow wider access, keeping the system secure has become a priority, says Ian Bond.
One of the fundamental shifts in IT departments over the past five yearshas been the increasing use of networked data storage systems acrossorganisations. While this has delivered many benefits, it has broughtwith it a security threat that needs to be managed.
Storage systems have traditionally been considered secure becausedeployments have been limited to part of a single data centre, inessence a physically isolated environment. However, the advent ofnetworked storage means that storage security should now move onto theCIO's list of priorities.
It is not uncommon to find a storage area network (SAN) that spansoutside a data centre. SAN extension technologies such as DWDM, CWDM andFCIP can be used to connect devices and storage across multiplelocations.
As the number of devices connected to a SAN increases and distributedSANs become more common, it is dangerous to depend on security throughisolation. Just as security is a consideration when sensitiveinformation passes over data networks, the same care should be takenwhen deploying a SAN.
SAN security must be able to deal with three types of threat: external -hackers and people with malicious intent; internal - unauthorised staffand compromised devices; and unintentional threats from authorisedusers, such as misconfigurations and human errors.
While the first two are relatively straightforward and well understoodfrom a security standpoint, the third is less simple. Minimal, if any,attention has been paid to unintentional security threats fromauthorised users.
The standard application and server administration approach of grantingthe minimum privileges to perform a task holds true when working with astorage area network. There are many facets to this. The benefits oflocking down operator privileges on a switch using role-basedauthentication are easily understood; but others, such as minimising theprobability of a disruptive fabric reconfiguration as a result ofmisconfiguration, are less obvious. Many of these blur the boundariesbetween storage network security, best practice design andhigh-availability SAN design, but all are important from the perspectivethat correctly configured secure switches can help prevent bothdeliberate and unintentional disruptions.
Securing data in the broader sense falls into two further focus areas:data in transit and at rest. Many features to enable security in boththese states, including encryption of data in transit on both fibrechannel (FC) and internet protocol (IP) networks and encryption of dataon storage media, are now being delivered by storage technology vendorsand should be included in any security policy developed by ITdepartments.
Vulnerabilities and threats can prevent users from accessingmission-critical applications, directly disrupt application operation orcompromise confidential and valuable information. It is essential thatsecurity and network managers collaborate to understand the particularvulnerabilities and threats to data-centre resources, so they candevelop a robust security policy and deliver this in an adoptedarchitecture. CIOs must now ensure that storage security is included inthe design of the wider IT security policy.
Aligning this policy to business goals will help define security zones -areas of the data centre separated into zones to minimise the impact ofan attack. Following this up with a security posture assessment willallow the business to set appropriate risk levels for each asset/zonebased on importance and cost factors.
At the heart of the process should be a strategy of defence in depth:rather than just securing the perimeter or deploying some accesscontrols internally, security measures should be placed throughout thenetwork to defend the SAN. This way, if there is a breach in one part ofthe network, there are still many layers of security before a maliciousprogram or hacker can reach the crown jewels.
Complementing this strategy with an automatic alert and defence systemto notify when breaches occur also means the attack can be isolated andcontained. Finally, it is essential to monitor the efficiency of thedeployed solution and review and change the policy if necessary.
Security should not be seen as a storage add-on, it is a continuousprocess that should be integrated with data-centre operations. With ahighly resilient, efficient and adaptive data-centre network in place,CIOs can spend less time worrying about data security and more time onrealigning resources for growth by addressing competitive pressures,extending market reach and speeding up time-to-market of newservices.
- Ian Bond is a data centre consultant at Cisco Systems UK & Ireland.