In this note, we discuss what’s being done to increase storage device security and what users can do to protect their equipment.
We have talked extensively about IP cameras being vulnerable to security breaches. But the truth is all connected devices have the potential to be attacked, including storage devices. In this note, we discuss what’s being done to increase storage device security and what users can do to protect their equipment.
Cybersecurity events have become increasingly common. According to Spanning, a company falls victim to a cyberattack every 39 seconds. It added that more than 60 percent of organizations globally have experienced at least one form of cyberattack.
Being connected devices,
security equipment and systems can also be cyberattacked. “There are many aspects as to why IP video surveillance systems and security edge devices can become a real threat to the rest of an internal corporate network, if penetrated. This could be caused by several factors ranging from poor security policy implementation, outdated system patches and vulnerability holes, all the way to human error and administrative breaches,” said Eugene Kozlovitser, CTO of BCD. “These days there is a plethora of ‘bad actors’ out there that can create real havoc inside of a network once it is infiltrated, and by having poor cyber hygiene, lacking insight and continuous improvement is an easy way for data to be breached and exposed by not addressing basic cyber fundamentals.”
Among security devices,
IP cameras can be quite vulnerable to cyberattacks. Reports on hackers taking control of babycams are quite common. Yet storage devices, which are also key elements in video surveillance, can be vulnerable as well.
“Storge devices are definitely vulnerable. By having poor cyber hygiene, no network-facing device is safe from cyberattacks. Data storage devices are certainly no exception to these threats, especially considering the allurement caused by hundreds of terabytes of stored data,” Kozlovitser said, adding the pandemic has also played a part.
“Over the past few years, with the disruption caused by the COVID pandemic, cyber criminals are more inclined to exploit these vulnerabilities while most enterprises focused on shifting the workforce to a ‘work from home model’ thus leaving internal best practices in the rear view,” Kozlovitser said. “With those storage systems attached to the same network as the IP camera devices, this would allow for attackers to scan for those systems and grant them deeper access into the rest of the network, and possibly crucial company data.”
Tackling the problem from the vendor’s side
Amid cyber threats against storage devices, vendors are increasingly taking a proactive approach to harden their systems.
“BCD has always been an IT-centric company, and our cooperation in the ISO 20243 Secure Supply Chain program and incorporating the majority of our products on Dell’s most secure servers and workstations, allows for a significant advantage over standard IP video surveillance recording devices,” Kozlovitser said. “Utilizing a Security Development Lifecycle system, we provide extra security assurances passed through to the end user by ensuring a fully secure hardened system from provisioning to deployment. With having all the necessary tools already built into the BCD storage systems, the site administrator is able to implement preventative measures extremely quickly in the event of a cyber-attack. Onboard server tools such as remote system lockdowns, hard drive encryption, and enterprise key management can assist with in-motion data safety and theft prevention.”
In particular, the so-called trusted platform module (TPM) is increasingly used in security devices, including storage, to make them more hardened against intrusion.
“TPM (Trusted Platform Module) is quickly becoming a standard feature on all servers and workstations. It has been a standard component on all BCD devices for a number of years. The TPM chip is a secure crypto-processor which allows for the assurance of system integrity at both the firmware and hardware level, comparing stored cryptographic keys to ensure the code matches and has not been altered in any way,” Kozlovitser said. “With the use of encrypted disks, the TPM chip will be utilized to store these keys, and in the event of drive theft or intrusion, attackers cannot access the drives data without the TPM chip being present. Enterprise-level TPM chips come with intrusion protection and tamper detection, making them nearly impossible to break or bypass, keeping the drives data secure and uncompromised.”
What users/SIs should do
According to Kozlovitser, the best security measure for any systems integrator or end customer is to ensure that best-effort cyber practices are expected, upheld, and enforced with continuous robust evaluation and mitigation plans. “Proactive system updates with best practices and basic upkeep will ensure system security and stability. Cultivating an educated, trained staff that understands the importance of network security, along with its supported devices and services will make these adjustments simpler. Having a close hardware vendor relationship for support, and recommendations on network security will provide progressive protection against a cyber-attack event,” Kozlovitser said.