Enterprise IT Watch Blog

Jun 15 2010   6:01AM GMT

Storage Decisions 2010: Storage Insecurities Ride On



Posted by: Kevin Beaver
Tags:
Security
Storage in 2010
storage security

As TechTarget’s Storage Decisions conference wrapped up today, I was perusing the conference site and noticed something peculiar about the sessions. There are sessions on backup. There are sessions on disaster recovery. There’s even one on ITIL. But nowhere could I find anything on storage security.

Sure, being a security guy, I’m biased in my approach, but if storage security is not being discussed at such a high-profile conference, where is it being discussed? Well, perhaps there’s some coverage at RSA, CSI, and related security shows, but I wouldn’t think those are the shows where storage admins are hanging out.

My point is, there’s still a disconnect between the perceived risks of storage systems and the actual risks. Based on just the storage-related vulnerabilities in the past 12 months alone (search the word “storage” here), there are obviously some things that should concern any given business. Storage is more than boring old disk drives; it’s applications, operating systems, and firmware that present a relatively broad attack surface on the network. What is your organization doing about it?

Kevin Beaver is an independent information security consultant, keynote speaker, and expert witness with Principle Logic, LLC and a contributor to the IT Watch Blog.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: