Security professionals lack the knowledge of SAN architectures that would allow them to properly secure storage systems, according to Eric Hibbard, the Chair of SNIA’s Security Technical Working Group and Senior Director for Data Networking Technology in the Office of the CTO at Hitachi Data Systems. Hibbard is also a member of the Storage Security Industry Forum (SSIF), the Data Management Forum (DMF), the Storage Management Initiative Technical Steering Group (SMI TSG).
“In my experience - and I come at this from the angle of a security professional who has joined the storage industry - we see security people and auditors thinking about storage as direct-attached storage. There is not enough thinking about the SAN infrastructure and how it has materialised.”
Storage professionals, meanwhile, seldom raise security concerns.
“They have never really had to deal with security,” Hibbard says. “They think: ‘we live inside the firewall and security is someone else’s problem.’”
The result, he says, is not vulnerabilities but a missed opportunity to include storage systems in defence-in-depth strategies.
“CHAP authentication is built into the iSCSIS protocol, so you can authenticate the target and the initiator,” he says. “But if you ask folks who use it how many have turned it on, it is only a very small percentage. So part of the challenge [for SNIA and the industry] is to raise awareness so that users understand they have some options.”
Hibbard also criticised some vendor approaches to storage security, saying that current marketing around terms like “data leakage prevention” masks the fact that process, not technology, is the answer.
“Maybe a small portion of the problem is technology- oriented,” he says. “It speaks to huge issues with policies and processes. If someone takes a disk out of an array and did not sanitise the media – that’s a process problem.”
Future SCSI security
Hibbard believes an important advance in storage security will shortly emerge from the Incits T10 committee.
“I think we are seeing at the SCSI command level some very early work similar to that. IU don’t know what the transport is going to be. it could be Fiber Channel over Ethernet. But the one thing that is consistent is SCSI.”
Another issue he is concerned about is long-term archiving
“The security implications of the 100-year archive are frightening,” he says. “The encryption algorithms may have to be replaced three or four times over the life of the data.”
“How how do you ensure you have data authenticity under those circumstances? We use digital signatures to do it now. But in ten years the mechanism you use to verify that may have disappeared? So how do you make sure the original access controls are maintained when everyone associated with the creation of that data is dead?”
“The building blocks to solve that problem are not even on the drawing board. The IETF has basic work on digital signatures, but I do not see a lot of work.”