NAS security
How do I protect a network attached storage (NAS) box from physical attacks as well as network based attacks? I have found that disk encryption is useful where there is a physical insecurity like theft of the hard disks. Is it a better choice to use disk encryption for the NAS box?

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor

If you have the risk of physical security for the disks in a NAS system, you've got a bigger problem to consider regarding the overall viability of your business. Yes, you can encrypt data on a NAS system but there are not many product offerings currently. There are some encryption devices that can sit on the network and will encrypt data and handle some of the key management functions. If you are using your own file server with software to serve as a NAS system then you might be able to add some encryption software to that -- either publicly available or purchased. It might be less trouble (and less expensive in some cases) to address the physical security problem and controlling the impact to business of loss of access to data may be a catalyzing event for business continuance.

You should look for some of the NAS vendors to offer encryption natively with their systems in the very near future. That won't help you with your existing product but would for a new purchase. But if you don't fix your physical security problem first, you will be making a new purchase anyway.

This was first published in December 2006