Data storage devices—even on SANs—have for the most part functioned in a vacuum. But as new technology has made stored data more accessible and more plentiful than ever, theres a pressing need to put more safeguards in place.
In the "old" days (like last year), it was nearly impossible to hack into storage area networks or DAS (direct-attached storage) devices because they were independent entities, usually confined to a single building or a limited number of locations away from the general IP network. The increasing use of iSCSI, however, has opened up storage devices to IP networks, making it easier for hackers to access data streams and see storage units on the network.
Further complicating matters are initiatives such as ILM (information lifecycle management), which calls for the storage of redundant copies of data in more than one location and on different kinds of media. The creation of multiple tiers of storage, while important for availability, gives IT managers more storage systems to protect.
A number of new products address this growing vulnerability by leaning on trusted encryption technologies such as AES (Advanced Encryption Standard) and Triple DES (Data Encryption Standard). The use of these standards lends tenability to what is a relatively immature market.
In addition to threats from inside and outside the organization, government regulations are a big driver for implementing security systems that encrypt data. California law SB 1386, for example, states that companies holding data must disclose to customers any breach of unencrypted information. By implementing storage security devices that encrypt customers data, companies can avoid embarrassing and potentially harmful public disclosures of security flaws.
eWEEK Labs evaluated two such products, Decru Inc.s DataFort E515 and NeoScale Systems Inc.s CryptoStor for Tape 502. Both appliances encrypt data on storage devices—the DataFort, on file servers; the CryptoStor, on tape systems—helping to ensure that corporate information cannot be accessed even if the devices fall into the wrong hands. (Decru also offers a DataFort system for tape, and both vendors provide encryption solutions for SANs.)
The appliances we tested were not intended to replace traditional perimeter IP network defenses or physical security systems, but they can provide a tough layer of protection from internal and external threats.
eWEEK Labs was impressed with the way in which the DataFort and CryptoStor products can be seamlessly implemented. Both products will add some cost and complexity to an organizations storage management framework, but the peace of mind they provide is a fair trade-off.
Senior Analyst Henry Baltazar can be reached at email@example.com.
Be sure to add our eWEEK.com storage news feed to your RSS newsreader or My Yahoo page: