SNIA Storage Security Best Practices (Spring 2009)

With the increasing importance and emphasis on security in mind, the Storage Networking Industry Association (SNIA) had developed and published (see /forums/ssif/programs/best_practices/) a set of storage security best current practices (BCPs). This vendor neutral guidance has a broad scope, covering both storage systems and entire storage ecosystems. Specific elements include, but are not limited to, storage management, protocols, compliance, encryption, key management, and long-term archive. As with many aspects of security, a balance must be struck between mitigating risks and minimizing the impacts, which may take the form of cost, complexity, throughput, availability, scalability, etc. Each organization must make its own trade-off decisions based on its unique situation (e.g., deployed infrastructure, legal and regulatory requirements, and due care expectations) and the importance of its data. This session provides an introduction to the BCPs as well as information that that will help organizations exploit the BCPs in their environments.

Learning Objectives

General introduction to the SNIA storage security BCPs
Understand which storage security BCPs are considered critical
Practical tips on ways to utilize the storage security BCPs