The IEEE Security In Storage Work Group (SISWG) produces standards that many storage developers, storage vendors, and storage system operators care about, including: a) A family of standards on sanitization: the IEEE 2883 family b) A family of standards on encryption methods for storage components: the IEEE 1619 family c) A standard on Discovery, Authentication, and Authentication in Host Attachments of Storage Devices: the IEEE 1667 specification IEEE has a different work group (IEEE P3172) focusing on post-quantum cryptography, but when they are done, a family method that recommends new q

Operators of data storage systems are legally obligated to protect customer data, and can be subject to significant penalties. This presentation will explore existing and upcoming standards to show the best practices for sanitizing customer data. These standards will include IEEE 2883-2022 and ISO/IEC 27040,and will describe current work on new standards.

The audience for this presentation includes developers and users of data storage systems, as well as developers of software utilizing those systems.

/*-->*/

Post-quantum cryptographic (PQC) algorithms are intended to resist attacks on data and communications security by quantum computers. A variety of organizations have been defining PQC algorithms and how they are used to protect data storage. This talk will describe new and existing standards, as well as requirements for data storage products to comply with these standards in the near future.