Continuity issued a research report which provided an analysis of the vulnerabilities and misconfigurations of enterprise storage systems. The findings revealed that storage systems have a significantly weaker security posture than the other two layers of IT infrastructure: compute or network.
These findings are alarming given the fact that, unlike an attack on individual endpoints or servers, which can cause problems, an attack that targets storage systems can be truly devastating.
A compromise of a single storage array can bring down thousands of servers – and wipe out petabytes of data, a frightening prospect given the rise in ransomware attacks over the past three years that target corporate data.
Data from more than 400 enterprise storage devices from vendors including Brocade, Cisco, Dell EMC, IBM, Hitachi Data Systems, NetApp, and others, were analyzed.
The impact of storage systems vulnerabilities More than 6,300 discrete security issues, such as vulnerabilities and misconfigurations, were detected. More than 170 security principles were not adequately followed.
Read the article