28 min
#172: Emerging Storage Security Landscape Storage Developer Conference
-
- Technology
Current storage technologies include a range of security features and capabilities to allow storage to serve as a last line of defense in an organization’s defense in depth strategy. However, the threat landscape continues to change in negative ways, so new responses are needed. Additionally, the storage technology itself is changing to address the increased capacity and throughput needs of organizations. Technical work in ISO/IEC, IEEE, NVM Express, DMTF, OpenFabric Alliance, Trusted Computing Group (TCG), Open Compute Project (OCP), Storage Networking Industry Association (SNIA), etc. are introducing new storage technologies, specifying the way storage fits into increasingly complex ICT ecosystems, and identifying protection mechanism for data and the systems themselves. Understanding these developments and their interrelationships will be critical for securing storage systems of the future. This session highlights important storage security elements of both current and emerging storage technologies, including encryption, key management, storage sanitization, roots of trust and attestations, secure communications, and support for multitenancy. Like storage, security technologies are also changing, so crypto-agility, protocol changes, and security practices (e.g., zero trust) are explored.
Learning Objectives: 1) Understand current storage security guidance and requirements; 2) Identify security aspects of emerging storage technology; 3) Recognize the implications and challenges associated with securing storage.
Current storage technologies include a range of security features and capabilities to allow storage to serve as a last line of defense in an organization’s defense in depth strategy. However, the threat landscape continues to change in negative ways, so new responses are needed. Additionally, the storage technology itself is changing to address the increased capacity and throughput needs of organizations. Technical work in ISO/IEC, IEEE, NVM Express, DMTF, OpenFabric Alliance, Trusted Computing Group (TCG), Open Compute Project (OCP), Storage Networking Industry Association (SNIA), etc. are introducing new storage technologies, specifying the way storage fits into increasingly complex ICT ecosystems, and identifying protection mechanism for data and the systems themselves. Understanding these developments and their interrelationships will be critical for securing storage systems of the future. This session highlights important storage security elements of both current and emerging storage technologies, including encryption, key management, storage sanitization, roots of trust and attestations, secure communications, and support for multitenancy. Like storage, security technologies are also changing, so crypto-agility, protocol changes, and security practices (e.g., zero trust) are explored.
Learning Objectives: 1) Understand current storage security guidance and requirements; 2) Identify security aspects of emerging storage technology; 3) Recognize the implications and challenges associated with securing storage.
28 min