Protecting NVMe over Fabrics Data from Day One, The Armored Truck Way

April 27, 2021April 28, 2021 John Kim

With ever increasing threat vectors both inside and outside the data center, a compromised customer dataset can quickly result in a torrent of lost business data, eroded trust, significant penalties, and potential lawsuits. Potential vulnerabilities exist at every point when scaling out NVMe® storage, which requires data to be secured every time it leaves a server or the storage media, not just when leaving the data center. NVMe over Fabrics is poised to be the one of the most dominant storage transports of the future and securing and validating the vast amounts of data that will traverse this fabric is not just prudent, but paramount. Read More

A Q&A on Protecting Data from New COVID Threats

February 17, 2021February 17, 2021 Alex McDonald

The SNIA Cloud Storage Technologies Initiative began 2021 discussing the topic that has been on everyone’s mind for the last year – COVID-19. But rather than talking about positive cases or vaccine availability, our experts, Eric Hibbard and Mounir Elmously, explored how COVID has increased cybersecurity concerns and impacted the way organizations must adapt their security practices in order to ensure data privacy and data protection. If you missed our live webcast “Data Privacy and Data Protection in the COIVD Era” it’s available on-demand. As expected, the session raised several questions on how to mitigate the risks from increased social engineering and ransomware attacks and how to limit increased vulnerabilities from the flood of remote workers. Here are answers to the session’s questions from our experts. Q: Do you have any recommendations for structuring a rapid response to an ongoing security threat? Read More

How COVID has Changed Data Privacy and Data Protection

January 6, 2021January 6, 2021 Alex McDonald

The COVID-19 Pandemic has amplified cybersecurity concerns particularly related to the cloud. Threat actors have recognized a unique opportunity to exploit pandemic-related vulnerabilities through social engineering attacks, business email compromise, work from home and other remote weak points. This results in increased risk and occurrence of ransomware attacks and data breaches that can disrupt or totally compromise organizations’ ability to conduct business. These security incidents can also subject victims to liability for violations of privacy and data breach notification laws. The SNIA Cloud Storage Technologies Initiative (CSTI) will be taking on this important topic with a live webcast on January 20, 2021, “Data Privacy and Data Protection in the COVID Era” where our SNIA experts will discuss: Read More

Questions on Securing Data in Transit Answered

December 9, 2020December 9, 2020 Alex McDonald

Data in transit provides a large attack surface for bad actors. Keeping data secure from threats and compromise while it’s being transmitted was the topic at our live SNIA Networking Storage Forum (NSF) webcast, Securing Data in Transit. Our presenters, Claudio DeSanti, Ariel Kit, Cesar Obediente, and Brandon Hoff did an excellent job explaining how to mitigate risks. We had several questions during the live event. Our panel of speakers have been kind enough to answer them here. Q. Could we control the most important point – identity, that is, the permission of every data transportation must have an identity label, so that we can control anomalies and misbehaviors easily? Read More

How Can You Keep Data in Transit Secure?

October 12, 2020October 12, 2020 AlexMcDonald

It’s well known that data is often considered less secure while in motion, particularly across public networks, and attackers are finding increasingly innovative ways to snoop on and compromise data in flight. But risks can be mitigated with foresight and planning. So how do you adequately protect data in transit? It’s the next topic the SNIA Networking Storage Forum (NSF) will tackle as part of our Storage Networking Security Webcast Series. Join us October 28, 2020 for our live webcast Securing Data in Transit. In this webcast, we’ll cover what the threats are to your data as it’s transmitted, how attackers can interfere with data along its journey, and methods of putting effective protection measures in place for data in transit. We’ll discuss: Read More

An FAQ on the “Fine Print” of Cyber Insurance

September 30, 2020September 30, 2020 Paul Talbut

Last month, the SNIA Cloud Storage Technologies Initiative, convened experts, Eric Hibbard and Casey Boggs, for a webcast on cyber insurance – a growing area to further mitigate risks from cyber attacks. However, as our attendees learned, cyber insurance is not as simple as buying a pre-packaged policy. If you missed the live event “Does Your Cyber Insurance Strategy Need a Tune-Up” you can watch it on-demand. Determining where and how cyber insurance fits in a risk management program generates a lot of questions. Our experts have provided answer sto them all here: Q. Do “mega” companies buy cyber insurance or do they self-insure? A. Many Fortune 500 companies do carry cyber insurance. The scope of coverage can vary significantly. Concerns over ransomware are often a driver. Publicly traded companies have a need to meet due care obligations and cyber insurance is a way of demonstrating this. Q. Insurance companies don’t like to pay out. I suspect making a claim is quite contentious? Read More

Security & Privacy Regulations: An Expert Q&A

September 24, 2020September 24, 2020 J Metz

Last month the SNIA Networking Storage Forum continued its Storage Networking Security Webcast series with a presentation on Security & Privacy Regulations. We were fortunate to have security experts, Thomas Rivera and Eric Hibbard, explain the current state of regulations related to data protection and data privacy. If you missed it, it’s available on-demand. Q. Do you see the US working towards a national policy around privacy or is it going to stay state-specified? A. This probably will not happen anytime soon due to political reasons. Having a national policy on privacy is not necessarily a good thing, depending on your state. Such a policy would likely have a preemption clause and could be used to diminish requirements from states like CA and MA. Read More

Non-Cryptic Answers to Common Cryptography Questions

September 23, 2020September 23, 2020 AlexMcDonald

The SNIA Networking Storage Forum’s Storage Networking Security Webcast Series continues to examine the many different aspects of storage security. At our most recent webcast on applied cryptography, our experts dove into user authentication, data encryption, hashing, blockchain and more. If you missed the live event, you can watch it on-demand. Attendees of the live event had some very interesting questions on this topic and here are answer to them all: Q. Can hashes be used for storage deduplication? If so, do the hashes need to be 100% collision-proof to be used for deduplication? A. Yes, hashes are often used for storage deduplication. It’s preferred that they be collision-proof but it’s not required if the deduplication software does a bit-by-bit comparison of any files that produce the same hash in order to verify if they really are identical or not. If the hash is 100% collision-proof then there is no need to run bit-by-bit comparisons of files that produce the same hash value. Q. Do cloud or backup service vendors use blockchain proof of space to prove to customers how much storage space is available or has been reserved? Read More

Think your Backup is Your Archive? Think Again!

July 28, 2020July 28, 2020 Mounir Elmously Leave a comment

The challenges of archiving structured and unstructured data

Traditionally, organizations had two electronic storage technologies: disk and tape. Whilst disk became the primary storage media, tape offered a cost-effective media to store infrequently accessed contents.

This led organizations to consider tape as not just a backup media but as the organization’s archive which then resulted in using monthly full system backups over extended durations to support archiving requirements.

Over time, legislative and regulatory bodies began to accept extended time delays for inquiries and investigations caused by tape restore limitations.

Since the beginning of this century, the following trends have impacted the IT industry:

Single disk drive capacity has grown exponentially to multi-TB delivering cost effective performance levels.
The exponential growth of unstructured data due to the introduction of social media networks, Internet of Things, etc. have exceeded all planned growth.
The introduction of cloud storage (storage as a service) that offer an easy way to acquire storage services with incremental investment that fits any organization’s financial planning at virtually infinite scalability.

A Q&A on Protecting Data-at-Rest

July 28, 2020July 28, 2020 Steve Vanderlinden

One of the most important aspects of security is how to protect the data that is just “sitting there” called data-at-rest. There are many requirements for securing data-at-rest and they were discussed in detail at our SNIA Networking Storage Forum (NSF) webcast Storage Networking Security: Protecting Data-at-Rest. If you missed the live event, you can watch it on-demand and access the presentation slides here. As we promised during the webcast, here are our experts’ answers to the questions from this presentation: Q. If data is encrypted at rest, is it still vulnerable to ransomware attacks? A. Yes, encrypted data is still vulnerable to ransomware attacks as the attack would simply re-encrypt the encrypted data with a key known only to the attacker. Q. The data at rest is best implemented at the storage device. The Media Encryption Key (MEK) is located in the devices per the Trusted Computing Group (TCG) spec. NIST requires the MEK to be sanitized before decommissioning the devices. But devices do fail, because of a 3-5 year life span. Would it be better to manage the MEK in the Key Management System (KMS) or Hardware Security Module (HSM) in cloud/enterprise storage? Read More