Is your storage solution security compliant?

When people think of securing data, their thought process usually begins and ends with encryption. Encryption is a great start, but it is certainly not the end of an organization's journey to properly secure its data. The long road to achieving security greatness should include a stop to talk about compliance. In this blog, I will take you on a quick tour of what is commonly needed for compliance with a cloud storage solution.

Organizations work under many different regulatory rules. For example, HIPAA is a set of security rules and safeguards that must be implemented when working with public health information, and FIPS-140-2 is used by government organizations to list requirements and standards for the encryption used.

Compliance Regulations

The good news is that there is some common ground between compliance regulations. Here are a few common requirements that organizations should consider on their compliance journey:

  • Role-based Access
  • Data Encryption
  • Data Integrity
  • Auditing

Role-based access separates the permissions that different users have on a system. For example, if user Jane is a doctor working in a medical facility, Jane should have complete access to her patients' information. Jeff, who works as the cloud storage administrator in the medical facility, should only have access pertaining to maintaining the storage and not to patient records.

Data should never be transmitted in plain text, and that means encryption must be used to help secure confidential information. Most or all of the public cloud storage providers support encryption using SSL, but what about the private cloud? A truly enterprise-ready private cloud storage solution will have this available.

Data integrity is important for compliance reasons because the receiver of the data or the auditor must know that the data has not been tampered with. Common ways to achieve this are write once, read many (WORM) support in a storage solution or the versioning capabilities featured in the Amazon S3 API.

Auditing is crucial for compliance and general system administration. Storage administrators should have a log of every change made to the system that can be referenced when needed in the future, with details such as the user making the change, the date and time of the change, the name of the action performed, the component changed, and any error messages.

Scality RING is an ideal solution for organizations wanting a secure private cloud storage solution that takes security and compliance needs seriously.

Tyna Callahan

Sr. Director of Communications
