Challenges and Opportunities in Storage Security

Tue Sep 17 | 3:05pm
Location: Winchester
Abstract

Security and privacy requirements are evolving fast, prompted in part by initiatives coming out of the US and the EU. In the Open Compute Project, security implementations are being introduced that have silicon and firmware impacts, but that promise a more open and common approach to security. Post Quantum Compute and CNSA 2.0 are another trend that will become a requirement; the ecosystem is not yet ready. SBOMs and HBOMs (Software and Hardware Bills of Materials) are on the horizon.

Data sanitization and circularity are also at the forefront, with groups like IEEE 2883 Standard for Sanitizing Storage. Drives capable of crypto-erase, both SED and ISE, will become standard for HDDs to meet current and future requirements.

In this talk we will share an HDD device vendor view of these new changes. Many of the new requirements already exist in the HDD ecosystem, and have for some time, but are implemented in a proprietary way with third-party firmware audits, penetration testing, FIPS and Common Criteria validation, and verifiable sanitization methods.

In summary, this is a complex landscape with a myriad of standards. Security and sustainability are not well understood at the boardroom level, yet they are top priorities for all companies. The industry needs to coalesce around a common strategy and approach that ensures data security while understanding the costs and resource constraints related to major changes.

Learning Objectives

Upon completion, participant will be able to understand the data security model taken by datacenters today.
Upon completion, participant will be able to see a path to a more secure and sustainable datacenter security model in the future.
Upon completion, participant will be able to understand the perspectives of both storage device vendors and consumers when trying to scale and resource to meet a myriad of security requirements.
Upon completion, participant will be able to understand the importance of cryptographic erase, its implementation and fundamentals.

---

Arie van der Hoeven
Seagate Technology