Storage systems must provide reliable and convenient data access to all authorized users while simultaneously preventing threats coming from outside or even inside the enterprise.

Security threats come in many forms, from unauthorized access to data, data tampering, denial of service, and obtaining privileged access to systems.

According to the Storage Network Industry Association (SNIA), data security in the context of storage systems is responsible for safeguarding the data against theft, prevention of unauthorized disclosure of data, prevention of data tampering, and accidental corruption. This process ensures accountability, authenticity, business continuity, and regulatory compliance.

Security for storage systems can be classified as follows:

• Data storage (data at rest, which includes data durability and immutability)
• Access to data
• Movement of data (data in flight)
• Management of data
  • Security of data in transit
  • Security of data at rest
  • Authentication
  • Authorization
  • Hadoop security
  • Immutability
  • Secure administration
  • Audit logging
  • Security for transparent cloud tiering (TCT)
  • Security for OpenStack drivers

Chapter 1. Secure data in transit

Chapter 2. Secure data at rest

Chapter 3. Authentication

Chapter 4. Authorizing protocol users

Chapter 5. Secure administration

Chapter 6. Immutability

Chapter 7. Audit logging

Chapter 8. Hadoop security

Chapter 9. Security for transparent cloud tiering

Chapter 10. Security for OpenStack drivers

Chapter 11. Firewall recommendations

Appendix A. Examples of how to open firewall ports