In the wake of all the data breaches, privacy scandals, and cybercrime in the world these days, it can be worrisome if you’re responsible for keeping your company and customer data safe. Sure, there are standards to help you plan and implement policies and procedures around data security, like the ISO/IEC 27040:2015 document. It provides detailed technical guidance on how organizations can be consistent in their approach to plan, design, document and implement data storage security. While the ISO/IEC 27040 standard is fairly thorough, there are some specific elements in the area of data protection — including data preservation, data authenticity, archival security and data disposition — that the ISO document doesn’t fully get into. The Storage Networking Industry Association (SNIA) Security Technical Working Group (TWG) has released a whitepaper that addresses these specific topics in data protection. One of a series of educational documents provided by the TWG, this one extends, builds on, and complements the ISO 27040 standard, while also suggesting best practices.

SNIA’s Technical Work Group Activity for 2018

Data protection is an essential element of storage security, with many nuanced issues to work through. Data must be stored, it must be kept private, and clear decisions must be made about who needs access to the data, where that data resides, what types of devices and data exist in the system, how data is recovered during disasters or regular operations, and what best practice technologies should be in place in your organization. The SNIA’s new technical whitepaper addresses these issues in depth in order to raise awareness of data protection and help educate those in the storage security business (and most companies are, these days). The document also highlights relevant data protection guidance from ISO/IEC27040 so that you can get a complete picture of the things you need to do to keep your data secure. Data security is an integral part of any business endeavor; making sure that your organization has considered and implemented as many best practices in the area of data security as possible is made easier by this current publication, which comes from (and also benefits) SNIA’s own members of the storage security technical working group. For more information about the work of SNIA’s storage security group, visit: www.snia.org/security. Click here to download the complete Storage Security: Data Protection white paper. .