Storage vulnerability: security for storage is sparking action - Security - Industry Overview
Computer Technology Review, Oct, 2002 by Mark Ferelli
Regular readers of CTR are aware that the pacing items that have slowed the acceptance of SAN in the enterprise have been interoperability, management, and security. Interoperability is a multi-headed creature that the industry continues to battle both on the device and fabric level. Management tools from both start-up firms and storage software veterans will eventually provide a sophisticated management capability. But security--now there's an issue
Security is among the hottest of all IT concerns, but in the enterprise-storage industry security is remarkably unpopular. Very often, the well-researched network-security industry is trusted to handle all of the security needs on the network, but it is arguable that it is insufficient. Today's DAS implementations, NAS, and SANs have far more security weaknesses than many storage vendors admit. And the situation will get worse as the newest storage technologies, including FCIP and storage virtualization, become the rule rather than the exception.
Why security on the storage level? According to Mike Alvarado at Neoscale, who chairs SNIA's storage security forum: "Storage has started to distribute all over the landscape. Technology people have started to recognize that they can do more than perimeter security... they can have more levels of security. This means if you're going to put data out in insecure locations (which is most of the world), the extra levels are going to help that process. So, by making storage more secure, you can enable data to be stored in remote locations, or any location you want, including over insecure links. And if data is able to be more widely distributed, then access availability, all of the attributes people want to associate with their data, will be better. So, security is fundamentally, I think, tied into questions that people have asked around: 'How do I improve availability, how do I improve scalability of my data?'"
Because currently operating SANs run on a Fibre Channel infrastructure separate from a host network's main IP connectivity, physical access is required to make changes. A virtual break-in is nearly impossible in theory, but it is never wise to count out that one clever hacker. When Fibre Channel was originally conceived, a security plan wasn't needed: one way in, one way out is easy to guard. Then came the development of the Fibre Channel switch, and with it came the need for a security safeguard.
Many established vendors do offer safeguards: EMC offers LUN masking and zoning software; Network Appliance, the market leader in NAS filers, offers SSH (Secure Shell), SSL (Secure Sockets Layer), and Kerberos support.
SAN viruses could also become a concern. A virus backed up through a disk-mirror or point-in-time copy could be written to notice if it's backed up to a SAN, and it could then propagate itself.
Some safeguards are on the way. For example, the Fibre Channel Security protocol currently in development by T-11.3, the software division of ANSI's Fibre Channel working group, can likely be used to secure Fibre Channel over IP.
Important but Don't Despair
No one would argue that the security issues are not serious. Here are some steps to take that help to ensure security without throwing hands up in despair:
BACK UP! Back up often. Back up to remote sites. Back up in multiple formats. Even the worst infosecurity conflagration can be contained if you have a complete, up-to-date backup. Routine is critical here. A backup schedule can be as simple as copying a day's work to a Zip disk or as complex as on-the-fly backups of critical online data. Be sure not to rely on any one backup medium or format. If you use Zip disks, make a few backups to floppy in case your Zip drive is suffering from an insidious undetected read/write glitch. If you back up using tape, use CD-RWs sometimes, and vice versa.
LOCK DOWN! Modern science can count the number of atoms in the universe (10^77, excluding dark matter) but no one knows how many computers are stolen every year. Public-access computers and laptops are particularly prone to the "walking computer" syndrome. If you have machines exposed out in the open, lock 'em down with cables attached to nearby pieces of big furniture.
ENCRYPT! Do this where necessary. If you have confidential data on a machine that 1) more than one person uses or 2) is connected to the Internet, encrypt that data now. Crypto software can provide defense-in-depth: Even if your computer is stolen, the data will be safe if it's been properly encrypted. Take care in selecting an encryption program. Crypto software is notoriously difficult to produce: Be wary of "snake-oil" crypto vendors that make claims about "military-grade" security or "secret algorithms."
There are several existing and upcoming tools for encryption. PC Guardian offers a complete line of encryption products--based on the public Blowfish algorithm--for protecting files, folders, and even entire hard drives. The company, in press statements, points out that there are numerous benefits to the full-disk approach, as opposed to mere file encryption. Manual file-by-file encryption is laborious and error prone. It's all too easy for a user to leave sensitive information unprotected. Even if the user is exceptionally careful, Windows application data gets stored in numerous locations, including temporary directories and swap files. Full-disk encryption addresses the sloppiness of both users and applications: all data is encrypted, regardless of user work habits and application file storage routines.


