What are your biggest security fears related to storage virtualization?
What do you perceive to be the biggest security flaws or threats related to storage virtualization today?
Software/Hardware used:
Software/Hardware used:
ASKED:
July 13, 2009 8:40 PM
UPDATED:
August 8, 2009 12:55 AM
Answer Wiki:
Security..someone can steal a file containig a server and you would not eaven notice that.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
My issue is this...if anything gets compromised on that storage, I'm directly effected. I don't know where it's stored, I don't know how; I don't really know what security implementations are in place. I don't know if it's being targeted. But if it is, and the company is compromised, say from a legal perspective, my data becomes legal tender?!? My data becomes compromised?!? My data is lost?!?
Having the everything onsite makes management easier...and if somebody tries to steal it...my cameras show me who. Controlling who has access to the data is very important to us here. Maybe we are paranoid (we think not).
-Schmidtw
------------------------
Storage virtualization will take a while to be fully realized. Storage on the cloud, which is what Schmidtw is referring to I believe is an entirely different matter. To me the problem with storage virt.. is that its not here yet.
Vendors have been talking about it a long time, but havent gotten it yet. And once the vendor gets it working for their own product line, then we get into virtualizing other vendors' arrays and making virtualization agnostic about the underlying hardware.
To see all answers submitted to the Answer Wiki: View Answer History.
I don’t see any security issues when it comes to storage virtualization. Now management problems, there’s all sorts of those that can pop up when virtuilizating storage. If the LUN grows beyond the physical storage limits systems will crash. This could happen because the storage doesn’t send out an email, the email is ignored, etc.
I agree with mrdenny. The virtualization part is not the problem…it’s the people/process side of things that get us into trouble. Just like anything else security related if it’s not implemented and administered properly then anything’s fair game.