REGULATORY COMPLIANCE SERVICES
Defining data security vs. data protection
Greg Schulz, Contributor 06.18.2007




When you hear the phrase data security, what comes to mind? Encryption, key management, locked doors, tamper-proof audit logs, firewalls, biometric card key access, passwords, logical and physical controls, privacy screen filters, or secure erase and asset disposal? If you answered 'yes' to any of these, among others, you are on track with regard to data security. However, there is confusion between terms like data protection, which can mean protecting data through backup, snapshots and replication, and terms that imply data security from a logical or physical standpoint.
Logical vs. physical data security
Logical security, particularly encryption, tends to get more coverage due to the increase in reported incidents of data being lost or stolen on laptop computers, disk drives or magnetic tapes. However, lost or stolen data can also be attributed to a lack of physical security and issues with logical security. Granted, there are more external threats to data now than ever before, and you must secure data against threats beyond the confines of a customer's business to meet privacy and regulatory compliance requirements. Yet in conversations with IT organizations of all sizes, a common concern is internal threats, in addition to external threats.
Let's review some techniques and technologies that address various security threats and risks.
Physical security services may include the following:
Physical card and ID, if not biometric access card, for secure facilities
Security and safe disposition of storage media and assets
Asset and media audits on site and off site
RFID-enabled volume labels for removable magnetic tape and disks
GPS-enabled tracking transportation or shipping cases for removable media
Secure digital shredding of deleted data with appropriate audit controls
Video surveillance of IT assets and equipment and management consoles
Physical transportation of removable media (disks, tapes, CDs) and printouts
Monitoring of IT equipment, including power, cooling and ventilation
Locked doors to equipment rooms and secure cabinets and network ports
Background checks on employees and contractors who handle data and media
Usage or disablement of portable media including PDA and USB thumb drives
Asset tracking of portable devices and personal or visiting devices
Limits or restrictions on photo or camera usage in and around data centers
Low-key facilities absent of large signs advertising a data center's location
Closed window blinds, especially when using backup power during a power outage
Protected (hardened) facility against fire, flood, tornado and other events
Logical security services may include the following:
Usernames and passwords along with rights management
Virtual private networks (VPNs)
User credential authentication and individual rights authorization
Logical storage partitions and logical or virtual storage systems
Audit trails and logs of who accessed what, when and from where
LUN and volume mapping and masking, and SAN port and device zoning
SAN segmentation and logical isolation (logical SANs)
Encryption of data at rest (on disk or tape) or in flight (transmitted over network)
Encryption key and digital rights management
Secure servers, file systems, storage, network devices and management tools
All Rights Reserved, TechTarget