Security

Material on this page is intended solely for the purpose of content review by SNIA members. Tutorial material may be read and commented upon by any SNIA member, but may not be saved, printed, or otherwise copied, nor may it be shared with non-members of the SNIA. Tutorial managers are responsible for responding to all comments made during the open review period. No responses will be given to comments made outside the open review period.

Jump straight to an abstract:

The Abstracts

Data Encryption and Key Management, Part I & II
Moderator: Ray Lucchesi
Panelists: Gordon Arnold, Walt Hubis, Dr. Michael Willett, Brandon Hoff

Download

We hear every month of another cyber attack, hacking event or just plain data theft where thousands to millions of data records are exposed.  A number of techniques are available that can minimize the data exposure risk in these cases but they all involve some form of data-at-rest-security.  We discuss the many different approaches to secure data-at-rest in your IT shop.

Learning Objectives

  • Understand the many ways to provide data-at-rest security for block and file data. 
  • Understand the implications of various approaches to data-at-rest security with respect to key management, storage performance, and cost

Practical Secure Enterprise Storage
Walt Hubis
Download

This presentation will explore the important concepts and fundamental methods of implementing secure enterprise storage using current technologies to implement a practical system. The high level requirements that drive the implementation of secure storage for the enterprise, including legal issues, key management, current technologies available to the end user, and fiscal considerations will be explored in detail. In addition, actual implementation examples will be provided that illustrate how these requirements are applied to actual systems implementations.

Learning Objectives

  • Understand the basic requirements for a secure enterprise class storage system. 
  • Gain insight into the important issues behind the selection of an appropriate secure storage architecture. 
  • Be able to select and configure an enterprise class secure storage system.

Legal Issue Relevant to Storage
Eric Hibbard
Download

Many organizations face the challenge of implementing protection and data security measures necessary to comply with a wide range of regulatory, statutory, and other legal requirements. Because storage systems (actually the data they contain) play an important part in many of these issues, storage managers and administrators may be asked to assist in supporting a variety of legal actions as well as help their organizations guard against data transgressions having legal consequences. Thus, they need to be capable of taking abstract regulatory, statutory and other legal requirements and translating them into implementable solutions. In addition, they must be able to partner with the legal community to ensure these solutions address the organization’s compliance requirements and that the support is timely and responsive.    This session describes the legal issues storage security professionals are likely to encounter as part of their role as the focal point for securing storage systems.

Learning Objectives

  • General introduction to the relevant legal issues 
  • Understand how these legal issues impact storage 
  • Practical tips on ways to deal with some of the more pressing legal issues