Security Basics for the Storage Administrator―Part 2

摘要

In Part 1 of this article we introduced the concept of "defense-in-depth," which uses a layered security model to protect a company's assets. We also discussed storage security essentials, which are core concepts to security in any type of organization. In Part 2 we will discuss some basic mistakes found in many storage networks―mistakes that can be prevented by adhering to common security principles. The following topics will be discussed: 1. Management interfaces 2. Default passwords 3. Operating System Security 4. Shared-level passwords 5. Configuration errors 6. Third-party connections 7. Clear-text management.