|
www.snwonline.com/StorageInsider
STORAGE INSIDER
Article posted October 1st, 2001
In the new world order, the need for storage security is crystal clear.
By John Webster
Change is inevitable. When it’s natural and evolutionary,
it’s predictable and sometimes inspiring. I feel comfortable with natural,
evolutionary change.
As an analyst, change is both my subject and my muse. It’s what I write
about as well as being the source. It’s what I write about as well as
being the source of my analytical energy.
But when change is forced on me by an event-in this case the terrorist
attacks on New York City and Washington D.C.- I am at first disoriented. I
know that I have lost someone or something, but since I was neither
connected to, nor personally knew any who died in the attacks, I don’t
know who or what I have lost. I know change has happened, but I don’t know
its dimensions. I have to stop and examine. Has something moved? Has my
point of view changed? Is something else more significant now than it was
before?
I sense that others around me feel the same. I often hear people say that
the events of September 11, 2001 will result in irreversible and some
think profound change. Yet at the same time, they grope as I do for an
understanding of what exactly it is that is now different. We have a vague
sense of differences – perhaps we fear them to be profound-but I doubt
that any of us really know at the moment how different things really are.
Are the differences between our lives before and after the attacks
dramatic, or subtle, or a complex combination of both? I don’t think we
know yet. And so my disoriented feeling will persist for a least a while
longer.
I also sense that the cure for disorientation is focus. So, I will focus
the rest of what I have to say on what has changed in the storage industry
and what I hope will change.
One thing is clear. DR (disaster recovery) is about to become a household
word, maybe not as common as PC, but close. I know this to be rue because
I, as well as other storage analysts am getting calls from the press
asking about DR. Press in this context means reporters from the kinds of
weekly magazines one sees in waiting rooms and on coffee tables. There’s
been a disaster. We have to recover. Does DR work they ask?
Here’s another thing that‘s clear. DR works. Can anyone doubt that the
attack on the World Trade Center towers was plotted to do anything less
than bring down the country’s premier financial institutions? The
terrorists scored a direct hit and yet Wall Street was back in business
trading billions of shares the following week. Surely it wasn’t business
as usual, but could anyone on the outside really see a difference? We owe
a huge debt of gratitude to the people and systems that made and continue
to make DR work on Wall Street.
A heightened awareness of DR will most certainly result in thorough
management reviews of many enterprises’ DR capabilities. In as much as
storage can play a significant DR role, the increased attention can only
be good news for an industry segment that has, and continues to feel the
ravages of an economic downturn. The telecommunications and services
segments will benefit as well. So much for the obvious slam-drunk
predictions.
Here’s something that is less clear and should concern us all. Does IT
security work?
Here’s a direct quote from a note authored by a retired military officer
that I received recently:
“…this act was not committed by a group of mentally deranged fanatics. To
dismiss them as such would be among the gravest of mistakes. This attack
was committed by a ferocious, intelligent and dedicated adversary. “Let me
rephrase the question: Is America’s IT infrastructure vulnerable to attack
by an enemy that is ferocious, intelligent, and dedicated? Given the ease
with a New York City cab driver penetrated and manipulated financial
systems such that he could mimic the identities of some of the world’s
wealthiest people, the answer to that question has to be a barely audible
“Yes”.
An aggressive and well thought out attack on our financial information
systems could be economically devastating, and the attacker could strike
by exploding a bomb, or hijacking a plane, and do so without taking a
single life. An attacker using electronic means could even be smart and
resourceful enough to disable our DR capabilities just before launching an
attack.
We must somehow make the security of our IT infrastructures our highest
priority. And if we want to break the task down into manageable units,
storage systems are an obvious first place to start. We’ve hailed storage
networking as a tool for unlocking the power of information. Gone are the
days when storage was a mere feature on the server. But gone too are the
days when we could say that information security was solely the job of the
server. We must now do all we can to preserve and protect the information
contained in networked storage.
The monster we face is real. We can’t see it or hear it, yet we now know
that it is there. What we still don’t know is how it has changed our
lives. I hope however, that at least we now know that we need to protect
ourselves and our information lifelines in ways that we didn’t think
necessary, or didn’t take seriously before September 11, 2001. The storage
industry is in a position to make a significant contribution to
information security at time when the need for information security is
crystal clear.
|