Secure Storage in the Age of Edge Computing and the Cloud
Companies need to rethink how they approach storage
- By Richard Diver
- Mar 01, 2019
Enterprise data storage is not what it used to be. Back
when IT was dominated by on-premises data centers,
storage options were fairly straightforward and securing
storage resources was relatively simple compared
with today’s far more complex storage landscape.
The rise of the cloud and the emergence of edge computing are
changing the way organizations need to approach and manage their
storage resources. There is no one-size-fits-all scenario. Requirements
will vary within enterprises, and even within divisions and departments
of those enterprises.
How can companies know that they are making the right choices
with regard to deploying secure storage resources? The following
are some practices to help ensure that enterprise storage strategies
are successful.
Know What You Are Creating
When creating a storage strategy, it is vital that organizations know
what they want to achieve with data storage and design the storage
architecture to support the expected use cases.
While some use cases might appear more important than others,
storage planning cannot take place in isolation. Supporting one use
case at the expense of others in the organization leads to inefficiency.
For example, at a healthcare provider such as a hospital, one use
case could be storing data related to X-rays over a certain number
of years; unique images which would rarely be accessed but persist
for a long time.
A certain storage solution might be ideal for that purpose, and the
radiology department will be set for data storage for years to come.
What about other departments and their storage needs? The same solution might not be suitable for applications such as security video
recordings, patient telemetry, or virtual desktop infrastructure—a
technology which requires extremely high IO, constant access, and
efficient deduplication in stark contrast to the X-ray images.
When developing a cost justification for storage, an organization
needs to look at more than one use case. Organizations need to consider
a broad spectrum of potential storage use-cases and how those
use cases drive changing requirements change over time. Having insight
into storage needs and goals early can help a wide organization to
innovate and evolve and also keep storage costs down in the long run.
It is advisable to share a common storage architecture framework
across the company, and look for opportunities to collaborate on
storage management and collocation between various departments
to drive efficiency. The organization as a whole is responsible for its
data, or its customers’ data, rather than leaving this to individual
suborganizations.
Understand Storage Capabilities
and Requirements
Technology is never static; storage managers need to understand
technologies available today and what is coming down the road in the
future—both in terms of secure storage platforms and tools as well
as security threats and compliance challenges.
One of the biggest trends underway today is the move toward automation.
Companies are looking—or should be looking—to automate
every process whenever possible. That includes storage management
and ensuring the security of storage resources.
The cloud, artificial intelligence, and edge-based processing systems
are introducing more flexible options than were available in
the past. Identify where it makes sense to leverage private and public
cloud services to meet storage needs, how to utilize edge storage
and analytics platforms, and when to invest in new and bleeding-edge
technology to gain an edge.
When developing a secure storage framework, keep in mind the
exponential growth of data and the rise in the number of sources
of data. Who would have imagined even a few years ago the impact
the Internet of Things (IoT) would have on storage requirements? It
is difficult to imagine what the storage scenario will be like in a few
years, but it pays to make accurate predictions.
Not All Data Is Equal
Grasp the idea that when it comes to security, not all data is equal.
When building and implementing a storage strategy that incorporates
the cloud and the edge, always keep in mind that some data
is far more sensitive than others, and that users may not understand
the difference.
For instance, you cannot equate publicly available product data
that can be readily found on a web site with customers’ financial information
or individuals’ medical records. The latter two are far more
sensitive and need the highest levels of data protection.
Organizations need to efficiently classify their data and have an
understanding of what it is, where it lives, and who can access it.
Failing to place greater protections around the most sensitive data
can expose enterprises to regulatory compliance issues and possibly
result in significant fines. The new General Data Protection Regulation
(GDPR) that went into effect in the European Union in May
2018, for example, is designed to protect the data of EU citizens. The
penalties for non-compliance are steep.
When managing data storage, focus on the most sensitive data
first and shore up the weakest areas. Many of the data breaches of
recent years have resulted from rudimentary mistakes that companies
have made, such as not encrypting sensitive data or having poor access
rights management.
It is import to understand what tools are available in the form of
security analytics, logging, and so on are available and take advantage
of these capabilities. These security tools need visibility. Make
sure the security operations center is plugged into cloud initiatives as
they are defined and developed.
Choosing the Right Storage Type
Data storage options abound today, whether it is cloud-based solutions
or on-premises systems. Organizations need to assess which of these options
is best and most secure for particular use cases. For example, they
need to know when it makes sense to use data lakes, or when they need
global scale read activity or high velocity multi-party updates.
With the growth of edge processing and analytics, they also need
to know when to use storage at the edge of the network, as close to
the original source of the data as possible. As more data is generated
by IoT devices, storage at the edge—and securing those storage resources—
will become increasing important considerations.
A significant portion of storage strategy is forecasting current
and future costs. Companies can leverage analytics to look at storage
costs and to help determine the most cost-effective ways to store data
and to move data around as needed.
Vitally important also are integration efforts which can bolster
security. Companies need to integrate between platforms wherever
possible, so they can leverage capabilities such as unified authentication
and unified visibility.
Make every attempt to centralize permissions and control through
cloud access security brokers (CASBs) or other integrations.
As with everything else in IT, integrate storage into operational processes
and policies to avoid siloes and fractures in operational flows.
Invest in People
Address the “people” issues related to secure storage.
Creating a secure storage infrastructure is not just about having
the right products and processes in place. Companies need to make
sure that personnel have the skills in place to succeed.
Data storage in 2018 means having people on the team who understand
the latest on-premise storage technologies, cloud computing
services and containers, edge computing, storage integration, software-
defined storage, data backup, data architecture, IoT, regulatory
considerations, and of course cyber security.
Organizations may broadly benefit from expanding their capabilities
to encompass more advanced skills such as artificial intelligence/
machine learning, data engineering, and data visualization.
Acquiring many of these skill sets can be among the most significant
challenges organizations face when creating and deploying a secure
storage strategy. It is important for technology and business leaders
to work together to train current professionals or hire new ones
who can build the storage infrastructure that will support the organization
for years to come. Companies have to be willing to invest in the
people who can help make the new storage environment a reality and
avoid the IT staff turnover that can paralyze an entire organization.
There is another important people-related challenge: easing the
concerns of existing staffers about the coming changes in data storage
requirements. At many organizations, especially larger ones, there
are bound to be technicians who are experts in on-premise storage
who may resist a move to cloud-based storage.
Again, it is up to senior managers in IT and elsewhere to train or
retrain people in these emerging areas. That way
they will not feel as if they are being phased out
and at the same time companies will acquire some
needed new skills.
This article originally appeared in the March 2019 issue of Security Today.