www.techtarget.com Open in urlscan Pro
2606:4700::6812:15c  Public Scan

Form analysis
1 forms found in the DOM

GET https://www.techtarget.com/search/query

<form action="https://www.techtarget.com/search/query" method="get" class="header-search">
  <label for="header-search-input" class="visuallyhidden">Search the TechTarget Network</label>
  <input class="header-search-input ui-autocomplete-input" id="header-search-input" autocomplete="off" type="text" name="q" placeholder="Search the TechTarget Network">
  <button aria-label="Search" class="header-search-submit"><i class="icon" data-icon="g"></i></button>
</form>

Text Content

3
Trending Now

6 benefits of Pansas ActiveStor Ultra ASU-100S storage appliancesDownload
NowView All3
X
3Hello, these 3 documents have been trending and as a member they are free to
you.
 * 
   6 benefits of Pansas ActiveStor Ultra ASU-100S storage appliancesDownload Now
 * 
   HIPAA compliant email encryption: A guide for healthcare
   organizationsDownload Now
 * 
   Encryption is not enough: The need for zero trust in cloud data
   securityDownload Now




SearchStorage
Search the TechTarget Network
Sign-up now. Start my free, unlimited access.
Login Register
 * Techtarget Network
 * News
 * Features
 * Tips
 * Webinars
 * More Content
    * Answers
    * Buyer's Guides
    * Definitions
    * Essential Guides
    * Opinions
    * Photo Stories
    * Podcasts
    * Quizzes
    * Tech Accelerators
    * Tutorials
    * Sponsored Communities

 * Storage Soup Blog

 * SearchStorage
 * Topic Storage management and analytics
    * Cloud storage
    * Flash memory and storage
    * Primary storage devices
    * Storage architecture and strategy
    * Storage system and application software
    * All Topics

 * Follow:
 * 
 * 
 * 



Getty Images

Getty Images

Answer
Article 4 of 5
Part of: Explore storage security best practices and standards


WHAT ARE 3 BEST PRACTICES FOR STORAGE ENCRYPTION AT REST?




CONSIDER THE FINE PRINT OF ENCRYPTING DATA AT REST. FOR EXAMPLE, ACCESS CONTROL
PERMISSIONS CAN MAKE OR BREAK A STORAGE ENCRYPTION PLAN.

Share this item with your network:

 * 
 * 
 * 


By
 * Brien Posey

Published: 16 Nov 2021

Encryption is one of the most fundamental practices for keeping data secure.
However, there is more to using storage encryption than just its enablement.



Here are three best practices for working with storage encryption at rest.


REVIEW ACCESS CONTROL PERMISSIONS

Regularly review the access control permissions for data. Although this best
practice might seem to have little to do with storage encryption at rest, there
is a reason for its inclusion here. Excessively permissive access control
policies can undermine the security benefits gained with storage encryption.

If access policies grant everyone -- including unauthenticated users -- access
to the data, then encryption becomes meaningless.


STANDARDIZE THE METHOD OF STORAGE ENCRYPTION

It's a good idea to use a single type of encryption algorithm for all data --
although there may sometimes be logistical constraints that make this
impossible. Using one type of storage encryption at rest can help to simplify
both key management and storage management.

At the same time, it is important to evaluate storage performance, both before
and after the encryption. Every encryption algorithm carries a certain amount of
overhead. This overhead doesn't just come into play during the initial
encryption process, but also during normal, day-to-day read operations.

Remember, data must be decrypted in order to be read. This concept applies to
everything from a user opening a file to a backup application that needs to
protect newly created data. As such, pick an algorithm for storage encryption at
rest that balances security with performance.

How algorithms and keys are used to make a plaintext message unintelligible


It's also a good idea to encrypt all data so that everything is protected,
regardless of its sensitivity. This will prevent a situation in which the
organization has accidentally left sensitive data unencrypted. However, there
are some data types that organizations cannot safely encrypt.


PROTECT ENCRYPTION KEYS

Protect encryption keys both against attack and loss. An attacker who gains
access to encryption keys is able to read encrypted data. Similarly, if those
same keys are lost or destroyed, then the organization loses the ability to
access its own data. The data remains in a permanently encrypted state, and the
organization can't decrypt it.



DIG DEEPER ON STORAGE MANAGEMENT AND ANALYTICS

 * EVALUATE CLOUD DATABASE SECURITY CONTROLS, BEST PRACTICES
   
   
   By: Dave Shackleford

 * 7 NAS ENCRYPTION BEST PRACTICES TO PROTECT DATA
   
   
   By: Robert Sheldon

 * TOP 5 CLOUD STORAGE SECURITY ISSUES AND HOW TO CONTAIN THEM
   
   
   By: John Edwards

 * DATA STORAGE SECURITY BEST PRACTICES FOR AVOIDING CYBERATTACKS
   
   
   By: John Edwards

RELATED Q&A FROM BRIEN POSEY

HOW CAN ORGANIZATIONS MANAGE MICROSOFT TEAMS STORAGE LIMITS?

Microsoft Teams storage limits can be complex for organizations to track. Learn
the details and how to add Microsoft 365 storage to avoid capacity ...  Continue
Reading

BACKUP RETENTION POLICY BEST PRACTICES: A GUIDE FOR IT ADMINS

It's critical for an organization to know what data it needs to retain and where
to store it. Some data is required for retention by law, so a ...  Continue
Reading

WHAT ARE 3 BEST PRACTICES FOR DECENTRALIZED STORAGE SYSTEMS?

Decentralized storage technology can be confusing and complicated. These best
practices, however, can help with implementation in enterprise IT ...  Continue
Reading

Part of: Explore storage security best practices and standards

Article 4 of 5
Up Next
Adopt data storage security standards to ensure compliance

Data storage security standards are vital to prepare for audit activities and
ensure compliance. This tip examines standards that address data storage
security.

5 tips for primary storage ransomware protection

Explore the steps storage administrators can take to safeguard against
ransomware. Dive deep into tips on access control, vulnerabilities and storage
monitoring.

7 NAS encryption best practices to protect data

Data storage security is as important now as it's ever been. Encryption is one
way to make NAS devices more secure against such threats as ransomware.

What are 3 best practices for storage encryption at rest?

Consider the fine print of encrypting data at rest. For example, access control
permissions can make or break a storage encryption plan.

Test your aptitude for secure data storage

Find out if your data storage security know-how is up to standards with a quiz.
Test your knowledge of common errors, helpful terms and resources, and ensure
your data is secure.



Sponsored News
 * Optimizing Storage Architectures for Edge Computing: 5 Design Considerations
   –Western Digital
 * 4 Factors to Optimize Your Multi-Cloud Experience –Dell Technologies
 * 4 Ways Thin Clients Strengthen Cloud Security –HPI
 * See More

Related Expert Q&A
 * What are 3 cloud backup security guidelines against ... – SearchDataBackup
 * What's the best way to secure Amazon S3 buckets? – SearchAWS
 * How can I encrypt backups for better data protection? – SearchDataBackup



Latest TechTarget resources
 * Disaster Recovery
 * Data Backup
 * Converged Infrastructure

SearchDisasterRecovery
 * How to manage disaster recovery in SQL Server
   
   SQL Server offers a platform for hosting relational databases. Enacting a
   disaster recovery plan that won't disrupt ...

 * Decode the 4 phases of emergency management
   
   The four-phase framework to emergency management can help organizations plan
   for all types of emergencies. Here's more about each...

 * Critical event management software simplifies disaster recovery
   
   Critical event management software can help reduce the chaos of disaster
   response, without overloading disaster recovery teams ...

SearchDataBackup
 * For Salesforce backup options, look beyond native capabilities
   
   Salesforce deals with critical data, so data protection is a major
   consideration. Find out why users may want to look outside the...

 * Trello backup best practices
   
   SaaS applications like Trello have gained traction in recent years. Protect
   mission-critical data on Trello boards with these ...

 * OwnBackup SaaS data protection expansion includes ServiceNow
   
   Following major funding rounds and acquisitions, SaaS data protection vendor
   OwnBackup has made its move into new territory. ...

SearchConvergedInfrastructure
 * FlexPod XCS brings cloud capabilities to data centers
   
   FlexPod XCS, the latest NetApp and Cisco converged infrastructure appliance,
   expands support for hybrid cloud environments with ...

 * Nutanix revenue increases, driven by hybrid cloud adoption
   
   Benefiting from the growing user adoption of hybrid clouds and a significant
   increase in digital transformation projects, Nutanix...

 * The top hyper-converged systems and composable infrastructure of 2021
   
   These Products of the Year winners offer the flexibility and scalability that
   make hyper-converged systems an excellent choice ...

 * About Us
 * Editorial Ethics Policy
 * Meet The Editors
 * Contact Us
 * Advertisers
 * Business Partners
 * Media Kit
 * Corporate Site

 * Contributors
 * Reprints
 * Answers
 * Definitions
 * E-Products
 * Events
 * Features

 * Guides
 * Opinions
 * Photo Stories
 * Quizzes
 * Tips
 * Tutorials
 * Videos

All Rights Reserved, Copyright 2000 - 2022, TechTarget

Privacy Policy
Cookie Preferences
Do Not Sell My Personal Info


Close