Storage Level Data Encryption
This isn’t something I have too many dealings with, but I have been involved a little. We’ve put in a few Decru/DataFort devices and they are all fine and good at encrypting the data on the disks, but are we overcomplicating the requirement?
What are we looking to protect? The physical data stored on the disks. So how can you access that? Let’s assume it’s block-level storage for now, so you’re restricted to iSCSI and FCP. FCP now has CHAP authentication support from the fabric vendors (although not yet across-the-board support from all parties), and iSCSI has had this since the start. So you need access to the predefined CHAP password.
We then have LUN masking: so long as you set this up properly, only the named initiators can connect to the storage. Combine this with VLANs / SAN zoning and we have security against spurious connections to the storage outside of what you intend. If you’re running Cisco, you could look at Private VLANs, which give you the same level of restrictions as SAN zoning.
Now, the storage device doesn’t actually have knowledge of the data itself, as it is presenting block-level storage; this is presented to the host OS. So even if we did encrypt this at the disk level, the host OS gets the decrypted version. Surely the host OS is the weakest link here? We need to make sure that access to the host OS is closely guarded and monitored.
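
The layers described above (zoning, LUN masking, CHAP) can be modelled as one admission decision. This is an added example, not code from the original post or from any vendor: the initiator names, LUN name and secret are constructed, iSCSI-style IQNs and MD5 CHAP (RFC 1994) are assumed, and the three checks are collapsed into one function even though in practice the fabric enforces zoning and the array enforces masking.

```python
import hashlib
import hmac
import os

# Constructed sample configuration: every name and secret here is illustrative.
HOST_A = "iqn.2008-01.com.example:host-a"
HOST_B = "iqn.2008-01.com.example:host-b"
ZONE_MEMBERS = {HOST_A, HOST_B}                 # zoning / VLAN membership
LUN_MASKS = {"lun0": {HOST_A}}                  # LUN -> initiators allowed to see it
CHAP_SECRETS = {HOST_A: b"constructed-secret"}  # per-initiator shared secret

def chap_response(ident: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: hash of identifier byte + secret + challenge."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def new_challenge():
    """Fresh identifier and random challenge for each login attempt."""
    return os.urandom(1)[0], os.urandom(16)

def admit(initiator, lun, ident, challenge, response):
    """Apply the layers in order: zoning, LUN masking, then CHAP."""
    if initiator not in ZONE_MEMBERS:
        return "denied: not zoned"
    if initiator not in LUN_MASKS.get(lun, set()):
        return "denied: LUN masked"
    secret = CHAP_SECRETS.get(initiator)
    if secret is None:
        return "denied: no CHAP secret"
    expected = chap_response(ident, secret, challenge)
    if not hmac.compare_digest(expected, response):
        return "denied: CHAP failed"
    return "admitted"

def demo():
    ident, chal = new_challenge()
    good = chap_response(ident, CHAP_SECRETS[HOST_A], chal)
    wrong = chap_response(ident, b"guessed-secret", chal)
    ident2, chal2 = new_challenge()
    return [
        admit(HOST_A, "lun0", ident, chal, good),      # passes every layer
        admit(HOST_B, "lun0", ident, chal, good),      # zoned, but not in the mask
        admit("iqn.2008-01.com.example:other", "lun0", ident, chal, good),
        admit(HOST_A, "lun0", ident, chal, wrong),     # wrong secret
        admit(HOST_A, "lun0", ident2, chal2, good),    # old response, new challenge
    ]

if __name__ == "__main__":
    print("\n".join(demo()))
```

The secret itself never crosses the wire, and a response is only valid for the challenge it was computed against, which is why the last case is refused.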
Preventative measures such as securing the LUN masking and security information of the LUN at the disk level would surely make sense? In a similar way to SnapLock Compliance, we can secure the data from being ported to another system physically.
Of course, having role-based access improvements to secure certain volumes / LUNs against general viewing / changing would also be very advantageous, and if you have worries about physical access to your storage, then there are going to be similar worries about physical access elsewhere and to other systems!
As far as I can see, the priority here is not at the storage level, but at the system level, where the data is always decrypted and security is at its weakest. Both physical and remote!









































