July 01, 2005

One More Potential Weak Link

Federal regulations are having a mixed impact on storage security. Only 17 percent of 319 sites report that regulatory compliance has spurred plans to update storage-security technologies. Even fewer companies - 12 percent - credit federal regulations with improvements in storage-security procedures. For some companies, compliance has spurred executive involvement. This may change as more companies are held publicly accountable for breaches of the information they store.

Regardless of which approach delivers the best enterprise-storage capacity, the consensus is that management applications and tools are critical to a successful storage strategy. Yet ongoing maintenance costs are one concern that companies have in achieving effective enterprise-storage security. Forty-six percent of business-technology professionals surveyed by Network Computing report that ongoing maintenance expenses are a hurdle to realizing storage safety.

Nearly half of the companies surveyed do not conduct network-penetration testing or do not include storage as part of formal network-penetration tests. However, 52 percent of the sites surveyed do include storage in their network tests. Yet less than 10 percent of the companies performing storage-penetration tests conduct them with employees who work outside the corporate headquarters. This is surprising, as research shows that these individuals often are the workers who enable malware attacks.

On the Net:

www.networkcomputing.com
www.informationweek.com