Understanding storage security through the data lifecycle

The data explosion brings with it specific security threats throughout the storage lifecycle. The best way to respond to these threats may not always be the obvious one.


The data explosion continues to drive the demand for increased storage capacity and a parallel need to secure that information. Companies are facing increased security threats from both within the organisation and externally.

A company’s data is one of its most valuable assets and organisations need to implement a thorough security plan taking all aspects of securing the data into account. Each point in the storage infrastructure provides a different security threat that must be dealt with using the most appropriate technologies available.

Some examples of these security domains include: data-in-flight; data-at-rest; authentication of devices and users; key management; and end-to-end data integrity.

The domain receiving the highest levels of media attention is data-at-rest, meaning data that is stored on a hard drive or other storage device. Protecting it is both critical and particularly difficult.

A drive may be lost or stolen, sent back to the vendor for servicing, repurposed, or simply disposed of because it is outdated. Either way, most hard drives that leave the datacentre are operable and readable.

Even data striped across multiple drives in a RAID array is vulnerable as the segment size typically used in arrays is big enough to contain, for example, hundreds of names and National Insurance numbers in one segment.
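The striping point above, as an added example that is not part of the original article: it stripes constructed records across a RAID 0 set and counts the whole records left in each segment of a single member drive. The 64 KiB segment size, the four-drive layout and the record format are assumptions chosen for illustration.

```python
import re

SEGMENT_SIZE = 64 * 1024  # assumed segment size in bytes (not stated in the article)
DRIVES = 4                # assumed number of RAID 0 member drives
# Constructed record shape: "First Last,<NI-number-shaped id>\n"
RECORD = re.compile(rb"[A-Z][a-z]+ [A-Z][a-z]+,[A-Z]{2}\d{6}[A-D]\n")

def make_records(n):
    """Build n constructed 22-byte records; no real people or identifiers."""
    first = ["Alice", "Brian", "Carol", "David"]
    last = ["Smith", "Jones", "Patel", "Brown"]
    rows = (f"{first[i % 4]} {last[(i // 4) % 4]},QQ{i:06d}{'ABCD'[i % 4]}\n"
            for i in range(n))
    return "".join(rows).encode()

def stripe(data, drives=DRIVES, segment=SEGMENT_SIZE):
    """RAID 0 layout: consecutive segments go to drives in round-robin order."""
    members = [bytearray() for _ in range(drives)]
    for offset in range(0, len(data), segment):
        members[(offset // segment) % drives] += data[offset:offset + segment]
    return [bytes(m) for m in members]

def whole_records_per_segment(member, segment=SEGMENT_SIZE):
    """Count complete records inside each segment held by one member drive."""
    return [len(RECORD.findall(member[o:o + segment]))
            for o in range(0, len(member), segment)]

if __name__ == "__main__":
    data = make_records(20000)
    lone_drive = stripe(data)[0]  # the single drive that left the datacentre
    print("64 KiB segments:", whole_records_per_segment(lone_drive))
    tiny = stripe(data, segment=16)[0]  # segment smaller than one record
    print("16 B segments:", sum(whole_records_per_segment(tiny, segment=16)))
```

The 16-byte case is included only as a contrast: a segment shorter than one record holds no whole record, which is why the realistic segment sizes are the problem and striping alone cannot stand in for encrypting each member drive.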

Some datacentres hire professional services to dispose of decommissioned hard drives. However, the drives are still vulnerable, and the information on a hard drive that is sent offsite for secure disposal is as vulnerable as unsecured tape data leaving the datacentre.

Even if only one drive is lost or stolen, a company may be forced to pay millions of pounds in remedies for the compromised data.

In many countries around the world, the law requires that a company publicly disclose the loss or theft of sensitive data. However, in the European Union (EU), if a drive containing sensitive data is lost or stolen and a reasonable attempt has been made to encrypt the data, safe harbour laws in most cases do not require the company to disclose the loss or theft.

For the data-at-rest security domain, companies should consider the specific threat models that may be encountered, and then choose the best methodology to protect against those threats. In the case of data-at-rest, there are several kinds of potential threats, which primarily deal with the drives leaving the user's control.

One of the best solutions for protecting data-at-rest is to use standardised self-encrypting hard drives that automatically encrypt everything that is written to them.

This is a better solution than using a traditional hard drive and encrypting the data upstream from the drive. With upstream encryption, when the drive leaves the environment, the attacker can read the ciphertext at will and use it as a hint to crack the encryption keys.

Self-encrypting drives prevent this method of attack by not allowing any access to data until the drive is authenticated. Ciphertext is never exposed in a self-encrypting drive, and the only way to get at it would be through the use of destructive methods such as a spin stand.

Self-encrypting drives have no performance impact, as the drives' built-in encryption engines operate at full interface speeds and are very scalable.
