Compliance

00:14 AM
Martin J. Garvey, InformationWeek
Martin J. Garvey, InformationWeek
News
Connect Directly
RSS
E-Mail
50%
50%

Storage Networks: One More Potential Weak Link

Data moving across storage networks is the most exposed information in an enterprise.

Data moving across storage networks is the most exposed information in an enterprise. Storage networks connect with the Web in more ways than via host servers and direct-attached storage, making them greater security risks. Yet a recent survey conducted by Bank Systems & Technology's sibling publication, Network Computing, illustrates that the need for storage security isn't always translated into action.

Nearly 70 percent of the 635 business-technology professionals surveyed say their companies need storage-specific security. Many have plans to increase security for host servers, storage area network systems and associated interfaces. That's smart when you consider that attacks come in primarily over the Web and the network.

However, when a smaller group was asked whether storage is included in network-penetration tests at their companies, nearly one third, or 30 percent, of the 320 respondents say storage isn't part of penetration testing, while another 18 percent say their companies don't perform network-penetration tests at all.

Before regulatory compliance, nobody got jail time for lost or compromised data or paid millions of dollars in fines. Now, any company can be pulled into court and asked to produce evidence of security procedures or face penalties. So, are compliance regulations forcing companies to re-evaluate their storage-security practices? Network Computing's survey found that nearly 60 percent of respondents say federal regulations have had some effect on their companies' storage-security procedures and more than one in 10 say regulatory compliance has improved storage-security practices.

Several issues get in the way of providing adequate storage security, survey respondents say, including lack of communication and understanding between security and SAN groups, inadequate executive involvement and isolated management of networks.

Courtesy of InformationWeek, a CMP Media publication.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology Dec. 2, 2014
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.