The impossible enterprise data security challenge

Securely deleting data in a personal context is hard enough, but it's far more complicated when enterprise storage is involved

In my post last week, I described some of the basic challenges in ensuring that data you delete actually stays deleted. In the context of personal computers and removable drives, these concepts can be confusing for users but are usually fairly well understood by IT pros. But IT pros are often confused when deleting data in the context of storage virtualization in their data centers.

Virtualizing storage has been enormously popular for several years. It's no wonder, either: By abstracting the underlying storage medium from how it's presented to storage users, you can pull off really cool tricks. Thin provisioning, snapshots, SSD wear-leveling, and automated storage tiering are all possible thanks to storage virtualization.

However, all this progress has come at a cost to data security. You can no longer simply overwrite a disk with random garbage and assume that anything that had been on that disk has been effectively obscured, as you can on your PC. Instead, there are almost certainly leftover bits and pieces of that data floating around on your storage device.

If you want to be reasonably sure that someone won't come across sensitive data by accident, you can succeed without too much difficulty. But if you're looking for an iron-clad guarantee that sensitive data will never see the light of day, you'll find it can get substantially more complicated and in fact almost impossible without committing to a mammoth undertaking.

Imagine you're in IT at a medium-size accounting firm. Your data center infrastructure consists of a few VMware vSphere virtualization hosts coupled with a Dell EqualLogic SAN. You use Veeam's Backup and Replication to back all that up daily to an ExaGrid NAS and monthly onto tape archives. Maybe you use products from Citrix Systems, Hewlett-Packard, Microsoft, and/or NetApp -- it doesn't matter, as the issues are the same in this common storage scenario no matter what products you use.
