In the storage realm, RAID architecture continues to be very popular and is widely used by different vendors because it allows for the combination of different hard drives into one fast, reliable and spacious storage device that satisfies nearly all enterprise data storage needs. However, along with all the well-known benefits of RAID architecture, a common misconception continues to exist: many IT professionals still believe that the data stored on RAID devices is secure. This false belief stems from the basic concept of RAID: distributing the data among many hard drives, which disrupts file formats and supposedly makes stealing one particular hard drive from the RAID system useless to an insider. This paper highlights the threats to data in a RAID architecture and outlines why additional data protection procedures should be employed to ensure complete protection and compliance with the ever-increasing regulatory mandates for securing sensitive data.
There are three key concepts in a RAID architecture: mirroring, the copying of data to more than one disk; striping, the splitting of data across more than one disk; and error correction, where redundant data is stored allowing problems to be detected and possibly fixed (known as fault tolerance).
Mirroring
If only mirroring is implemented, no data is distributed among hard drives at all and there are no obstacles for a thief: the same data is stored on more than one hard drive, and the loss of one hard drive means compromising all data within the RAID. Fortunately, RAID mirroring is rarely implemented as a standalone solution.
Striping
Striping means that a data block is split into several smaller pieces before being written to the device (the number of pieces depends on the number of hard drives) and each piece is written to a separate hard drive. The size of the piece varies at different RAID levels: RAID2 stripes the data at the bit level, so the size of the piece is one bit; RAID3 stripes at the byte level; RAID4, RAID5 and RAID6 stripe at the block level. [2] The size of one block on all modern hard drives is 512 bytes. We will analyze only block-level stripes because they are used in the most popular storage solutions. For example, NetApp’s FAS6000 Series storage employs RAID6 for higher data availability with little or no performance loss.
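The block-level striping described above can be modeled directly. The following is an added example, not part of the original paper: it lays a constructed file of fake records across a simplified RAID 5 set (512-byte stripe unit, parity rotation order assumed) and counts how many complete records can be read from each member disk on its own.

```python
import re

BLOCK = 512  # block size cited in the paper

def raid5_stripe(data: bytes, n_disks: int, block: int = BLOCK) -> list[bytes]:
    """Simplified RAID 5 layout: each stripe holds n_disks-1 data blocks plus
    one XOR parity block; the parity position rotates (order is an assumption)."""
    data += b"\0" * (-len(data) % (block * (n_disks - 1)))  # pad to whole stripes
    chunks = [data[i:i + block] for i in range(0, len(data), block)]
    disks = [bytearray() for _ in range(n_disks)]
    for row, s in enumerate(range(0, len(chunks), n_disks - 1)):
        stripe = chunks[s:s + n_disks - 1]
        parity = bytes(block)
        for c in stripe:
            parity = bytes(a ^ b for a, b in zip(parity, c))
        blocks = iter(stripe)
        for d in range(n_disks):
            # One member per stripe receives parity, the others receive data.
            disks[d] += parity if d == row % n_disks else next(blocks)
    return [bytes(d) for d in disks]

# Constructed record format; the card numbers are fake sample values.
RECORD = re.compile(rb"name=user\d{4};card=\d{16};\n")

def sample_data(n: int = 400) -> bytes:
    """Constructed input: n fixed-length (37-byte) records."""
    return b"".join(b"name=user%04d;card=%016d;\n" % (i, 4000000000000000 + i)
                    for i in range(n))

def intact_records(image: bytes) -> list[bytes]:
    """Complete records readable from one disk image, no other member present."""
    return RECORD.findall(image)

def exposure(n_disks: int = 4) -> tuple[int, list[int]]:
    """Return (records in the file, intact records on each member alone)."""
    data = sample_data()
    members = raid5_stripe(data, n_disks)
    return len(intact_records(data)), [len(intact_records(m)) for m in members]

if __name__ == "__main__":
    total, per_disk = exposure()
    print(f"records in file: {total}")
    for d, n in enumerate(per_disk):
        print(f"member {d} alone exposes {n} intact records")
```

Each member yields many whole records because a 37-byte record fits several times into one 512-byte block; only records that straddle a block boundary are unreadable from a single disk. Arrays configured with a larger stripe unit leave correspondingly longer contiguous runs of data on each member.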
Error correction
As seen from the previous examples, storing redundant data across the RAID does not limit the ability of a thief to recover data from a stolen hard drive. The exception to this is a situation where error-correction data is stored on a separate hard drive and the thief steals this specific hard drive. In this case, with no useful information on the stolen drive, the company is very lucky. However, hoping for the best and relying on fortune or fate is no substitute for proper network and data storage security planning and procedures.
Summary
We have seen that mirroring does not hide data at all. And though striping data in RAID devices at the block level may distribute files across the RAID disks, it still leaves data accessible to a thief who can steal one hard drive from the RAID array. Significant amounts of data will be compromised, and additional protection techniques, such as server data encryption, should be considered to eliminate the financial, regulatory and reputation risks.