Reliable access to information is the lifeblood of any business; it allows users to sell products, answer customers’ questions, work with partners, keep employees informed of new corporate policies, and run the daily operations of the business. Whether it is corporate, customer or employee information, data needs to be protected at all costs, from both external and internal security threats.
But where does a business start such a daunting process? The challenge starts in the Storage Area Network (SAN) where most organisations’ data resides, requiring storage administrators to deploy and manage a robust, non-disruptive, fabric-based data security strategy. By starting at the heart of the organisation, data integrity across the distributed enterprise is far more likely.
While there are many government and industry regulations standardizing how organisations should handle and protect personal information, compliance in and of itself should not be a driver of data security. Storage administrators need to work with the chief information security officer not simply to comply with these regulations, but rather to keep customer, corporate, and employee information safe (from both internal and external threats) while minimizing non-compliance risk for the organisation.
The storage fabric is already an inherently secure environment where the majority of corporate data resides. It is centralized and supports nearly every aspect of the data center – from the server environment and workstations to edge computing and the backup environment – making it an ideal place to standardize and consolidate a holistic security strategy.
However, does a fabric-based data security strategy inhibit productivity and how can an organisation have the best of both worlds? It’s not an easy question to answer. Let’s take for example the conundrum of allowing remote workers to do their jobs (i.e. in the field using laptops, PDAs and removable storage devices), yet ensuring information security. Service levels dictate that IT must allow employees to do their jobs as efficiently as possible, but storage administrators have the responsibility to protect the organisation from security threats and protect corporate, customer and employee information. All too often, however, efficiency and the freedom to do “whatever it takes to get the job done” wins out – at the expense of security.
It is up to the IT organisation to work with the business staff to develop, enforce and update robust security policies that protect data without impacting user productivity. The strategy must encompass a comprehensive solution that protects business data throughout the storage fabric. In the past, many organisations have deployed security software solutions that have had mixed degrees of success in detecting and stopping data breaches throughout the storage fabric. These software solutions needed to deploy an agent on each system in the environment or an agent integrated into the application, consuming hard drive capacity, CPU utilization, and network bandwidth. It is generally accepted today that this intelligence layer needs to reside directly on the network infrastructure, freeing servers to focus exclusively on their primary functions.
Building the security strategy
Given this assumption, a robust fabric-based data center security strategy must therefore start at the hardware level in the storage fabric where much of the framework required for this intelligence layer already exists. This security strategy should be:
• Holistic, extending this protective layer throughout the organisation
• Able to accommodate the explosive growth in data and the increasingly distributed nature of how, where, and when users create and access information
• Non-disruptive, eliminating unnecessary policies and procedures that might inhibit user productivity or IT processes such as backups and data migrations
• Cost-efficient, scalable, and interoperable, ensuring that all data in the fabric is being secured even in heterogeneous or distributed environments
• Easy to implement, manage, and update, ensuring that policies and procedures are routinely enforced
But what does this mean in reality? Given today’s competitive business environment, organisations cannot afford to deploy a robust fabric-based data center security strategy that degrades the performance of business systems or the speed in which data is delivered. Organisations must be able to react quickly to changing market conditions, making fast and accurate data accessibility a vital component to ensuring a flexible business. The key to this balance is not only a powerful storage fabric that provides the performance and flexibility required for fast data access and a security intelligence layer built directly into the infrastructure, but one that enforces/manages strict policies without impacting users.
In addition to ensuring consistent policy enforcement throughout the organisation, a fabric-based data center security solution simplifies management, leveraging automation to streamline basic administration and save valuable IT staffing resources. A proactive security strategy managed through a single fabric-based administrative console can help prevent potential breaches before they occur, saving the time it would take to clean up infected systems and allowing the organisation to avoid the embarrassment of having to report their data breaches to customers, industry watchdogs, and the public. However, this only functions successfully when organisations train both IT staff and users about the latest intrusion threats and detection techniques.
With malicious attacks becoming more sophisticated and internal security threats becoming more commonplace, organisations are facing greater obstacles in protecting the security of customer, employee, and corporate data. As a result, they need more holistic, powerful, scalable, and manageable security strategies throughout the storage fabric to help ensure data security. Fortunately, vendors are recognising these challenges and solutions are entering the market that will enable businesses to ensure the integrity of their storage fabric.