computerwoche.de

Archiv

Top 10 ways to secure your stored data

04.08.2006

-- Some storage and networking tools will encourage you to change management passwords at initial installation. I hope that this sounds like common sense, however, due diligence is to say the obvious -- change default passwords at installation and on an ongoing basis. Likewise, restrict access to management tools to those who need it.

-- Know who has physical access to fixed and removable data-storage media and devices. Leverage access logs as well as perform background checks of contractor and third-party personnel who will be handling your data and media. Identify where weak links are in your data-movement processes and correct those deficiencies. Data-discovery tools can be used to identify sensitive data that may not be adequately protected.

-- If you are currently moving data electronically to avoid losing tapes or are planning to, then make sure data being transmitted over a public or private network is safe and secure. Some techniqes to protect data while in-flight include encryption, virtual private networks and the IPSec protocol.

-- Data encryption is a topic people in the industry like to talk about, however, like other technologies, wide-scale mass adoption has been elusive. However, as a trend, encryption -- in some shape or form -- is here to stay and most likely is in your future. There is plenty of debate as to when (at rest, in flight), where (storage, network, appliance, servers) and how (hardware, software) to implement encryption. For now, consider what the level or depth of encryption you need to counter your applicable threats. Also, consider how key management will be performed for your environment. In addition, consider the potential effect on performance and interoperability for your environment when looking at data-encryption technologies.

-- Avoid letting data security become a bottleneck to productivity, because that is a sure way to compromise a security initiative. The more transparent the security is to those who are authorized to use the data, the less likely those users will try to circumvent your efforts.