Re: RAID 5 drive replacement schedule
- From: "Mike Hale" <eyeronic.design@xxxxxxxxx>
- Date: Fri, 20 Jun 2008 13:41:42 -0700
"That is not a security issue though. That is an IT related issue"
You're correct on that one, and I have no disagreement.
Going back to CIA and the pyramid...
"so on don't hold much water in my opinion."
So you're saying that data availability is marketing speak and not
something that needs to be built into a security system?
Seriously?
"What does creating a drive replacement schedule have to do with security"
That's not what i was addressing. I was addressing your statement
that "Availability is a vague term that can, but does not always have
a role in security."
Availability is not vague, nor "can" it have a role in security. It's
in integral part, along with Confidentiality and Integrity. If it's
ignored, the system itself has already failed, and is simply waiting
for someone to come along and take advantage of it.
On 6/20/08, Adriel Desautels <adriel@xxxxxxxxxxxxx> wrote:
Mike,
First off, there are multiple "security pyramids", each of them
different, most of them created for marketing, sales, etc. So CYA, TESSM,
and so on don't hold much water in my opinion.
With that aside, I'm open to being educated but I still disagree that
creating a drive replacement schedule requires any security expertise. As
such I do not see the subject as being a security topic. There are certainly
aspects of security that can be impacted by the act of changing the drives,
I won't argue that. So...
What does creating a drive replacement schedule have to do with security?
Educate me.
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142
---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
Mike Hale wrote:
Philippe is actually correct.that
CIA forms the security pyramid.
Confidentiality.
Integrity.
Availability.
That's the three components of data in a secure system. Most
companies can only afford to focus on one of those aspects, but if you
ignore the others, you don't have a secure system.
On 6/20/08, Adriel Desautels <adriel@xxxxxxxxxxxxx> wrote:
Philippe,
I disagree with you and I think that the definition of security
vagueyou provided is partial, but thats just my opinion. Availability is a
whatterm that can, but does not always have a role in security. Determining
canthe proper schedule is for a drive replacement policy is something that
---------------------------------------------------------------be done by IT without the security team. Deciding how to dispose of the
drives on the other hand is security.
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142
raidNetragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
Rivest, Philippe wrote:
Adriel & Murda
It is a security issue the way you store your data. In regards to the
suretechnologies, raid 5 improves the availability of the data by making
data.that a single drive failed will not impact the availability of the
disposalRemember that security is 1- Confidentiality
2- Availability
3- Integrity
The main goal of a Raid 5 is to help #2. You are referring to the
Murdaof
the HD which is the issue of confidentiality and that is not what
justwas
aiming at. If it is, go for encryption, degaussing, destruction and
2plain format (if the data is not confidential).
As I explained to him offline, the MTTF and MTBF is about the same for
goHD
bought/constructed at about the same time. How ever, those are notabsolute
numbers that state that, if one drive fails the other one is about to
gotoo.
It's more an estimated value against which you should have some
confidence/hope, your drive should not fail before X hours (it could
samebefore but the average is X).
In a raid 5, Drive A, B and C are online and working (they are the
& Cdrive
bought at the same time). Drive A fails, you should NOT change drive B
beunless they are failing also. If you do, the cost of your raid 5 will
togreater then what it should be (the replacing of the parts are going
withcost
a lot). Change drive A and hope drives B & C will last longer.
The only issue is that 2 drives fail at the same time, which is very
improbable. And if it does, you should be going for your back ups.
I do hope this clarified the questions and that I wasn't to unclear
[mailto:listbounce@xxxxxxxxxxxxxxxxx] Demy
details!
Merci / Thanks
Philippe Rivest, CEH
Vérificateur interne en sécurité de l'information
Courriel: Privest@xxxxxxxxxxxxx
Téléphone: (514) 331-4417
www.transforce.ca
-----Message d'origine-----
De : listbounce@xxxxxxxxxxxxxxxxx
time.la
part de Adriel Desautelsimprobable that all of the drives in the array will fail at the same
Envoyé : 20 juin 2008 11:27
À : Murda Mcloud
Cc : security-basics@xxxxxxxxxxxxxxxxx
Objet : Re: RAID 5 drive replacement schedule
Murda,
The real answer to your question is that it is very, very
youMost drives are good for a certain period of years, after which point
issue.are getting "extra time".
That is not a security issue though. That is an IT related
http://www.linkedin.com/e/gis/48683/0B98E1705142The
security issue comes into play when you dispose of your drives. Do youshred them, just throw them in the dumpster, how do you dispose of them?
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
---------------------------------------------------------------
this
Netragard, LLC - http://www.netragard.com - "We make IT Safe"ensuring
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
Murda Mcloud wrote:
In my mind, this a security related question as it has to do with
replacement
availability.
Does anyone have links towards any whitepapers etc that suggest
of disks in a RAID 5 array as part of a maintenance cycle?
If all the drives in an array are the same age and one fails; does
themean
the others are more likely to fail. I'd imagine so as they have had
same
amount of usage.
--
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
- Follow-Ups:
- Was Re: RAID 5 drive replacement schedule - Now "Availability"
- From: Adriel Desautels
- Was Re: RAID 5 drive replacement schedule - Now "Availability"
- References:
- RE: RAID 5 drive replacement schedule
- From: Rivest, Philippe
- Re: RAID 5 drive replacement schedule
- From: Adriel Desautels
- Re: RAID 5 drive replacement schedule
- From: Mike Hale
- Re: RAID 5 drive replacement schedule
- From: Adriel Desautels
- RE: RAID 5 drive replacement schedule
- Prev by Date: Re: RAID 5 drive replacement schedule
- Next by Date: Re: RAID 5 drive replacement schedule
- Previous by thread: Re: RAID 5 drive replacement schedule
- Next by thread: Was Re: RAID 5 drive replacement schedule - Now "Availability"
- Index(es):
Relevant Pages
|
