|
|
Publication of Best Current Practices and January's Storage Security Summit Highlight SNIA Storage Security Activities
Learn more about storage and security with the latest materials and events from the SNIA Storage Security Industry Forum (SSIF) and Security TWG. The groups have published a revised set of best current practices for storage security, and the upcoming Storage Security Summit, sponsored by Brocade, Seagate, and Sun Microsystems, and hosted by the SSIF, is the only educational industry event specifically targeted to understanding the upfront and continuing effort required to secure the storage layer (see below for more information).
New Storage Security Best Current Practices Now Online
Best current practices for storage security play an important role in increasing knowledge and awareness of what may be categorized as information assurance - information security, networking and communications security, host based security, and data security.
The "SNIA Storage Security Best Current Practices (BCPs) Version 2.0," now online at http://www.snia.org/forums/ssif/programs/best_practices/, are designed for use by practitioners, IT architects, IT managers, and corporate executives, especially Chief Information Officers and Chief Security Officers, according to author Eric Hibbard, CISSP, CISP, and Security TWG chair. "The BCPs," Hibbard stated, "have the goal to provide broad guidance to organizations seeking to secure their individual storage systems as well as their storage ecosystems, and are presented in a collection that organizations can use to select their own 'best practices'."
The new BCPs build on the ten security recommendations first issued in the original Best Current Practices document, and now feature technology-specific practices as well as core practices for general storage, storage systems, and storage management security. Most of the original recommendations are now elements of the 2007 General Storage Security BCPs, and are augmented by:
- Additional core practices for storage systems security and storage management security that apply generally to all storage
- Specific best practices for NAS, block-based IP, and Fibre Channel storage
- Specific best practices for encryption, key management, and archive security
Storage Security Summit Only Event That Focuses On Securing the Storage Layer
Legal, regulatory, and due diligence requirements are driving the implementation of data protection and security measures at many companies. Both security and storage professionals need to understand the challenges of security in the storage ecosystem, and how they can manage the impact of electronic discovery, regulatory compliance, and personal identifiable information in their organization.
The Storage Security Summit, January 30-February 1, 2008, in Santa Clara California, is the only educational industry event specifically targeted to understanding the upfront and continuing effort required to secure the storage layer. Hosted by the SSIF and sponsored by Brocade, Seagate, and Sun Microsystems, the Summit delivers the latest in vendor-neutral storage security technology knowledge, with sessions focused on vital issues confronting storage and security professionals today including key management, eDiscovery, and securing long-term archives.
Featuring leading industry speakers in sessions that address issues and challenges of storage security, research and futures, and user perspectives, the Storage Security Summit includes a keynote by Steven W. Teppler, CEO of TimeCertain, who provides new insights on authentication and deploying new technology to address emerging compliance challenges, as well as developing and adhering to robust policies built around these deployments. Other sessions feature scalable security for petascale parallel file systems, a deep dive into key management, 100 year archive security impacts, the "grand challenge" of storage security, and an IT end user's perspective on what it means to be "storage secure."
Registration is available for the entire Summit event or the Tutorial Day only, and special registration discounts are available to those who register before December 15, 2007. Sponsorship packages are also available that include group attendance discounts. With such a robust agenda, past participants have used attendance at the Tutorial Education Day and the Storage Security Summit to fulfill some of the annual Continuing Professional Education (CPE) requirements for professional organizations. Up to 18 CPEs may be earned during the Summit.
Please visit www.snia.org/security_summit for a full agenda, registration details, and information on CPEs.
|
