Every industry’s security and safety posture shifts when the consequences become grave. For example, consider the automotive industry’s regulated safety evolution to seatbelts, air bags and backup cameras. But when it comes to data storage, the approach to security hasn’t evolved since the 1990s – a time before the internet, when today’s threats against your data were inconceivable. Today, almost every computer is network-connected. Users are accessing data from inside and outside the organization’s network perimeter and in many cases using their own personal uncontrolled mobile devices.
The problem
The internet has led to widespread adoption of network security and monitoring tools. But firewalls and intrusion detection and network monitoring systems may not keep the bad guys out of an organization’s network. And they generally don’t protect the data left on an unsecured legacy network attached storage or vulnerable Windows and Linux file servers.
Legacy storage lacks the fine grain security controls and reporting to fully implement a zero trust architecture. It has coarse grain access controls that prevent organizations from being able to accurately restrict access to specific users, groups, and network segments to enforce least privileged access management.
Infrastructure & Operation (I&O) teams can’t easily spot misconfigurations in the storage that make the data susceptible to theft, manipulation, or destruction. And most systems don’t provide notifications to the I&O team when important changes are made to permissions. In that environment hackers can continue to lurk undetected – manipulating the infrastructure to get their desired effect.
Data storage and user behavior activity can be one of the best high fidelity security sensors in your infrastructure to detect an insider threat or breach. User behavior auditing, as part of the discovery process, can determine what was accessed after a breach has been discovered. Legacy storage doesn’t provide a way to look back 9 months and identify malicious behavior based on new information or provide reporting of what was accessed. This deficiency allows hackers to get in and out undetected and leaving just unanswered questions for the IT and security organization.
Worst of all, legacy storage solutions rely on third party products or endpoint monitoring to detect threats against the data. And when a threat is discovered it is very hard to take action to stop it during the attack and then remediate the damage.
What’s next?
Organizations who take a CyberConverged approach gain the security and tools they need to defend data against constantly evolving nation state sponsored cyber threats. For example, BrickStor SP’s auditing and active defense capability notifies your team in real-time about changes to permissions, system configurations, and abnormalities in data access patterns. Active defense can automatically shut off a user’s access to data in direct response to a suspected threat allowing you to contain an attack in less than a second. In fact, as part of a complete zero trust architecture BrickStor SP can dynamically change granular access controls to files. When your team is notified of a breach they can look back as far as they need to, to see what data has been accessed by any user or system.
Hackers rely on the profound deficiencies of legacy storage. Stop them by providing your I&O and security teams with a solution that delivers visibility and quick response.