Embed Size (px)
Citation preview
Data Storage On The Cloud
www.WhiteCanyon.com | [email protected] | 1 (801) 224-8900
DATA STORAGE ON THE CLOUDThe cloud is becoming more than a trendy solution for data storage. In many cases it is a necessity. Utilizing a remote storage provider to house your data comes with some incredible advantages. Cloud storage gives the end user immediate access to their data from virtually anywhere in the world. This offers companies of any size a broad strategic advantage.
Companies are using the cloud more frequently and a large percentage of companies are using the cloud to store most of their data, and in many cases, all their data. The startup cost of cloud data, in comparison to physical onsite storage is far cheaper.
With the increase in popularity in recent years, many options have become available to allow customers to choose what type of cloud storage fits their need. A Private Cloud will feature a dedicated server that contains only the data from one customer. A Public Cloud utilizes a shared server. Several if not hundreds of customer’s data will be stored on the same server. A Hybrid Cloud is becoming more popular. This option uses both a private cloud and onsite storage.
WHAT ARE THE DANGERS OF CLOUD STORAGE?With all the advantages to the cloud, there are many disadvantages and dangers when entrusting data to another company. Data leakage, DDOS attacks, and snooping are far greater risks on the cloud as opposed to physical storage.
It is becoming a standard business practice for companies to use up to a dozen different cloud service providers to house their data. The belief is that having greater access to data provides convenience and redundancy. While storing data in a single location may not be wise for redundancies sake, the more data that is stored in different locations presents even greater risks. Cloud storage is a relatively new market. As the technology advances, the risks will also increase and become more of a reality.
Data on the cloud is very difficult to sanitize considering the amount of redundancy used by cloud storage providers. Large companies such as Amazon Web Services will store the same data in dozens of locations to ensure that their customers data is still accessible during power outages, natural disasters, and maintenance. With this amount of redundancy, it is impossible to track data and sanitize individual client’s data.
WHITECANYON’S RECOMMENDATIONSCompanies desiring to utilize the cloud should be aware of these risks and make an informed business decision before storing their data on the cloud. Consider the following recommendations from WhiteCanyon Software in regards to cloud storage:
1. WhiteCanyon recommends that companies only store data with notable storage providers with proven track records.
2. Customers should store data with storage providers that allow their customers to independently test their security measures.
3. Select storage providers that have policies in place to secure data before, during, and after migration.
4. Research and Development and Protected Health Information (PHI) should be kept off the cloud when possible.
Data centers and cloud service providers are competing to support industries with highly regulated data, such as retail, healthcare, banking, and government agencies. In order to serve these customers, compliance with industry standards, regulations and certifications like HIPAA and Sarbanes-Oxley are critical.
Your company is responsible for your data. Every business has a measure of sensitive data in their possession. It is of the utmost importance that you are informed in the manner your data is stored. Data that leaves your facility and enters the cloud can never be completely recovered and sanitized. Therefore, take the necessary precautions in managing your cloud storage.
With these considerations, customers can be confident making decisions about how and where to store their data. If you have any questions, please contact the WhiteCanyon Sales Team at (801) 224-8900.
FORMATstablishes
FORMATstablishes
FORMATstablishes
ypes of formatting – FAT32, NTFS, HFS+, ExFAT, etc. These formats are for specific use applications but overall, they allow data to be stored and read from a drive.
In the 1980’s and 1990’s formatting was seen as a viable method to sanitize a drive. IT assets were reformatted, which would remove the addressable areas on the drive and then donated or sold throughout the world. Security agencies would test these IT assets in the wild and find that data could still be recovered from them. Luckily, data recovery tools were not sophisticated as they are today and it would take considerable resources to retrieve the data. In the present-day, any data recovery tool on the internet can easily recover data from a formatted drive. In fact, most advertise that they can recover data from reformatted memory sticks, SSD and hard drives.
There are still groups that rely on a Low-Level Format for data erasure. These groups feel that the LLF will securely erase all the data on the drive at no cost. Unfortunately, the new IDE and ATA drives do not allow true LLF on their drives because of a change in manufacturing. New drives now have the formatting done on a servowriter before the disk is assembled into the drive in the factory. These drives no longer support LLF. Formatting a drive, whether low-level,
deep or quick is not a viable option for a secure data sanitization process.
Formatting Can Cause the Following Issues:
OEM DRIVE TOOLSOEM tools are designed to manage and erase manufacturer’s own drives. The OEM tools provide a list of functions, like format, partition and erase. Though each OEM tool is unique, most of the tools provide a cryptographic key removal and securely erasing all the data on the drive. The erasure is secure if the manufacturer supports the ATA Secure Erase or Sanitize disk commands, which most do. Some manufacturer’s OEM tools offer the option to revert a drive back to its original state and remove OPAL and eDrive protection and remove drive passwords.
OEM tools may seem live a viable alternative to data erasure software, but they have major weaknesses that cause them to be ineffective for the corporate and government environment. The major issue is the OEM tools are not certified by an outside party. The tools are not reviewed, tested and verified that they erase data as assured.
The OEM tools provide simple erasure patterns, but most don’t provide the NIST and DoD 5220.22M overwrite patterns. The OEM tools do not provide verification of the erasure and on some drives, you must boot from the BIOS or recovery partition to start the deletion. Labor intensive and difficult to start, most OEM tools are not designed for high volume, high throughput wiping.
Audit reports are the most important part of any data erasure. The OEM tools do not provide logs of the erasure for audit purposes. Drives that have been erased with OEM tools must have reports created by the tech for proof of erasure.
OEM tools may be adequate for a typical home user that isn’t concerned about their data being exposed but it is much too difficult, time intensive and lacks reporting that is crucial for corporate and government use.
WHY USE WIPEDRIVE ENTERPRISE DATA ERASURE SOLUTION?WipeDrive Enterprise is a globally certified erasure tool and is designed to be cost effective, automated and reliable in any environment. If you want your data wiped securely and quickly, WipeDrive is the solution for you. Here are some additional benefits of WipeDrive Enterprise:
Key Benefits:• WipeDrive Enterprise is automated and scalable across your organization.
• WipeDrive Enterprise certified by Common Criteria, NCSC and NATO. It is consistently
www.WhiteCanyon.com | [email protected] | 1 (801) 224-8900
DATA STORAGE ON THE CLOUDThe cloud is becoming more than a trendy solution for data storage. In many cases it is a necessity. Utilizing a remote storage provider to house your data comes with some incredible advantages. Cloud storage gives the end user immediate access to their data from virtually anywhere in the world. This offers companies of any size a broad strategic advantage.
Companies are using the cloud more frequently and a large percentage of companies are using the cloud to store most of their data, and in many cases, all their data. The startup cost of cloud data, in comparison to physical onsite storage is far cheaper.
With the increase in popularity in recent years, many options have become available to allow customers to choose what type of cloud storage fits their need. A Private Cloud will feature a dedicated server that contains only the data from one customer. A Public Cloud utilizes a shared server. Several if not hundreds of customer’s data will be stored on the same server. A Hybrid Cloud is becoming more popular. This option uses both a private cloud and onsite storage.
WHAT ARE THE DANGERS OF CLOUD STORAGE?With all the advantages to the cloud, there are many disadvantages and dangers when entrusting data to another company. Data leakage, DDOS attacks, and snooping are far greater risks on the cloud as opposed to physical storage.
It is becoming a standard business practice for companies to use up to a dozen different cloud service providers to house their data. The belief is that having greater access to data provides convenience and redundancy. While storing data in a single location may not be wise for redundancies sake, the more data that is stored in different locations presents even greater risks. Cloud storage is a relatively new market. As the technology advances, the risks will also increase and become more of a reality.
Data on the cloud is very difficult to sanitize considering the amount of redundancy used by cloud storage providers. Large companies such as Amazon Web Services will store the same data in dozens of locations to ensure that their customers data is still accessible during power outages, natural disasters, and maintenance. With this amount of redundancy, it is impossible to track data and sanitize individual client’s data.
WHITECANYON’S RECOMMENDATIONSCompanies desiring to utilize the cloud should be aware of these risks and make an informed business decision before storing their data on the cloud. Consider the following recommendations from WhiteCanyon Software in regards to cloud storage:
1. WhiteCanyon recommends that companies only store data with notable storage providers with proven track records.
2. Customers should store data with storage providers that allow their customers to independently test their security measures.
3. Select storage providers that have policies in place to secure data before, during, and after migration.
4. Research and Development and Protected Health Information (PHI) should be kept off the cloud when possible.
Data centers and cloud service providers are competing to support industries with highly regulated data, such as retail, healthcare, banking, and government agencies. In order to serve these customers, compliance with industry standards, regulations and certifications like HIPAA and Sarbanes-Oxley are critical.
Your company is responsible for your data. Every business has a measure of sensitive data in their possession. It is of the utmost importance that you are informed in the manner your data is stored. Data that leaves your facility and enters the cloud can never be completely recovered and sanitized. Therefore, take the necessary precautions in managing your cloud storage.
With these considerations, customers can be confident making decisions about how and where to store their data. If you have any questions, please contact the WhiteCanyon Sales Team at (801) 224-8900.
FORMATstablishes
FORMATstablishes
FORMATstablishes
ypes of formatting – FAT32, NTFS, HFS+, ExFAT, etc. These formats are for specific use applications but overall, they allow data to be stored and read from a drive.
In the 1980’s and 1990’s formatting was seen as a viable method to sanitize a drive. IT assets were reformatted, which would remove the addressable areas on the drive and then donated or sold throughout the world. Security agencies would test these IT assets in the wild and find that data could still be recovered from them. Luckily, data recovery tools were not sophisticated as they are today and it would take considerable resources to retrieve the data. In the present-day, any data recovery tool on the internet can easily recover data from a formatted drive. In fact, most advertise that they can recover data from reformatted memory sticks, SSD and hard drives.
There are still groups that rely on a Low-Level Format for data erasure. These groups feel that the LLF will securely erase all the data on the drive at no cost. Unfortunately, the new IDE and ATA drives do not allow true LLF on their drives because of a change in manufacturing. New drives now have the formatting done on a servowriter before the disk is assembled into the drive in the factory. These drives no longer support LLF. Formatting a drive, whether low-level,
deep or quick is not a viable option for a secure data sanitization process.
Formatting Can Cause the Following Issues:
OEM DRIVE TOOLSOEM tools are designed to manage and erase manufacturer’s own drives. The OEM tools provide a list of functions, like format, partition and erase. Though each OEM tool is unique, most of the tools provide a cryptographic key removal and securely erasing all the data on the drive. The erasure is secure if the manufacturer supports the ATA Secure Erase or Sanitize disk commands, which most do. Some manufacturer’s OEM tools offer the option to revert a drive back to its original state and remove OPAL and eDrive protection and remove drive passwords.
OEM tools may seem live a viable alternative to data erasure software, but they have major weaknesses that cause them to be ineffective for the corporate and government environment. The major issue is the OEM tools are not certified by an outside party. The tools are not reviewed, tested and verified that they erase data as assured.
The OEM tools provide simple erasure patterns, but most don’t provide the NIST and DoD 5220.22M overwrite patterns. The OEM tools do not provide verification of the erasure and on some drives, you must boot from the BIOS or recovery partition to start the deletion. Labor intensive and difficult to start, most OEM tools are not designed for high volume, high throughput wiping.
Audit reports are the most important part of any data erasure. The OEM tools do not provide logs of the erasure for audit purposes. Drives that have been erased with OEM tools must have reports created by the tech for proof of erasure.
OEM tools may be adequate for a typical home user that isn’t concerned about their data being exposed but it is much too difficult, time intensive and lacks reporting that is crucial for corporate and government use.
WHY USE WIPEDRIVE ENTERPRISE DATA ERASURE SOLUTION?WipeDrive Enterprise is a globally certified erasure tool and is designed to be cost effective, automated and reliable in any environment. If you want your data wiped securely and quickly, WipeDrive is the solution for you. Here are some additional benefits of WipeDrive Enterprise:
Key Benefits:• WipeDrive Enterprise is automated and scalable across your organization.
• WipeDrive Enterprise certified by Common Criteria, NCSC and NATO. It is consistently
Data Storage On The Cloud
