SAN/NAS security is the measures a company takes to protect critical enterprise and customer data within NAS environments from both internal and external threats. NAS security helps businesses take control of their network-attached storage rather than passively allowing incidents to happen.
In the server world, there are two types of storage. They are the SAN and the NAS. The main difference is how they attach to the server. Both types are intelligent devices requiring direct management and protection from inside and outside threats. Here are the two SAN/NAS device types covered in the podcast and the book:
Storage Array Network:
Storage area networks connect physical storage devices in a logical pool, so data stored on the devices is all accessible to an application or user. SANs are beneficial because they pull together data from multiple geographic locations. If an enterprise has flash arrays in two data centers, one in Scotland and one in New Zealand, they may need their CRM software to access customer data stored on devices in both data centers. SANs make that possible.
Network Attached Storage:
NAS devices are convenient and cost-effective solutions for storing and sharing data across a network. However, they also pose security risks if not properly encrypted. Encryption is the process of transforming data into an unreadable form that can only be decrypted by authorized parties.
If you change all passwords on that NAS server, it’s still not secure. Hackers usually install hidden backdoors in the server. Those backdoors or rootkits then monitor every login, see every new password entered, and can regain control of the server any time they want. Making sure that your on-prem NAS is secure is one thing. Delivering secure network access to a remote workforce, looking to access business-critical information at different times from different locations, is a whole different ball game.
With business workloads moving to insecure home networks, protecting your endpoints from ransomware isn’t easy but it is critical. Not only does your storage administrator have to make sure that the data is secure at rest but also in transit – in addition to being always available. SAN/NAS security practices will be different, but the NAS will be more complex since its network connected.