New 2TB VaultDisk® Doubles Largest Capacity Removable SSD

CAMPBELL, CA – June 5, 2018 – DIGISTOR announced today the release of the 2TB VaultDisk®—the industry’s largest capacity removable SSD for laptop systems. Bringing the 2TB VaultDisk to market, DIGISTOR effectively doubles the maximum capacity of both the removable SSD for laptops and removable SSD for small form factor (SFF) computers.For administrators required to switch in and out of multiple networks and security clearance levels, VaultDisk provides a game changing solution. Utilizing the latest 3D NAND chips to double the capacity of previously removable SSDs, VaultDisk offers the same incredible benefits of their previous models, but now with a significant capacity increase.
Read Full Press Release on Digistor.Com…

Veteran Investor and Entrepreneur Dave Withers Joins DIGISTOR Board

CAMPBELL, CA – April 24, 2018 – DIGISTOR, the leader in secure data and storage solutions, is pleased to announce that entrepreneur and investor Dave Withers has joined their board of directors. A veteran of multiple successful startups, Withers brings with him a 20 year track record of identifying disruptive technologies and building successful hardware and software businesses as both an operator and investor. Withers joins DIGISTOR to assist the company through their unprecedented growth. Read More…

VaultDisk® is now available for the Dell Precision 3520

VaultDisk Removable Boot SSD for Dell Precision 3520 Workstations

VaultDisk® is a drive bay built into Small Form Factor PCs and Laptops that allow for the VaultDisk® SSD boot drive to be easily accessed and removed from the system. Once the drive is ejected, it can be cloned, stored safely, swapped out for a different OS or allow the system to boot into an OS with security clearance to access various network security levels. DIGISTOR has provided VaultDisk® solutions for many Small Form Factor machines, as well as beefy desktop-replacement workstation laptops in the past. Now VaultDisk® is available for the 15” Dell Precision 3520, a lighter, thinner, yet still very powerful workstation laptop.

This workstation has quickly become a favorite among system administrators for its speed and highly upgradable capacity.  Now that the 15” laptop can be shipped with custom drive bays that host the flexible, bootable VaultDisk® drives, it’s an even more attractive option for professionals required to switch in and out of multiple networks and security levels. With VaultDisk®, the SSD can be swapped with the convenience of an old school floppy drive, without exposing the inner workings of the device itself. For professionals working in the federal, defense, and security industries, this combination of flexibility, power and performance is a no brainer.

VaultDisk Removable Boot SSD for Dell Precision 3520 Workstations

DIGISTOR Solves Drive Distinction Problem with Color Identifiable Drives

CAMPBELL, CA – March 13, 2018 DIGISTOR today announced the release of color identifiable VaultDisk® drives, making the interchangeable solid state storage solution even more useful to companies and organizations hosting a variety of security levels and networks. This subtle yet critically important choice aims to make protected networks even more secure and give employees who use and maintain them a swifter way of distinguishing the drives. Read More…

DIGISTOR Secures Success with New Director of Business Development Chris Persaud

CAMPBELL, CA – February 20, 2018 – DIGISTOR, the leader in secure data and storage solutions, is pleased to announce that as of January 2, 2018, Chris Persaud has joined the team as Director of Business Development. With a solid background in technology, sales, and defense, Persaud will focus on continuing to bring DIGISTOR’s enterprise level removable storage solution, VaultDisk®, to the federal space. Read More…

DIGISTOR Creates a New Industry Standard for Secure Removable Drives

Vaultdisk Removable Secure SSD Drives

CAMPBELL, CA – February 14, 2018 – DIGISTOR, the leader in secure data and storage solutions, is pleased to announce the release of VaultDisk®, a removable solid state SATA drive compatible with the 2.5” industry standard in a smaller, sleeker form factor. This removable, bootable storage solution was designed specifically for the federal space and can be utilized in a variety of Dell workstations and laptop systems. For administrators required to switch in and out of multiple networks and security clearance levels, VaultDisk® provides a game changing solution. Read More…

Evaluating Storage System Security

Storing digital data successfully requires a balance of availability, cost, performance and reliability. With the emergence of low-power, petabyte-scale archival storage and flash-based systems, it is getting increasingly difficult to quantify performance, reliability and space-efficiency trade-offs, especially when coupled with storage-security factors. Storage performance is measured by latency, throughput (bandwidth) and IOPS, with throughput typically presented as overall sustained (long) and peak (short) performance transfer rates, and has a wide variety of non-uniform and unique measurement views when storage security is employed.

Although much work has been done on defining, testing and implementing mechanisms to safeguard data storage in long-term archival storage systems, data security verification in our cloud-based, mobile-driven, virtual containerized software-defined remote storage world, remains a unique and ongoing challenge.

Data security can be ensured in a variety of ways depending on the level of security desired, performance and the level of tolerance of user-inconvenience. Most storage systems rely on encrypting data over the wire or by on-disk data encryption, typically using pre-computed checksums and secure hashes, but with no standardized parameters or protocol for comparison between network or on-disk performance and integrity while in actual use.

In today’s multi-tenant virtualized container storage environments, containers depend on a different approach to virtualization, ie. they are not the hardware of things and how a guest O/S runs on top of all that (cpu/memory/network/storage), as containerization separates users and processes from each other. Multi-tenant security is especially important with the heavy reliance on 24xforever mobile data access from containerized cloud storage, where the top-10 security issues identified in 2015 by OWASP (www.owasp.org) were:

  • Insecure data storage;
  • Weak server-side controls;
  • Insufficient transport layer protection;
  • Client-side injection;
  • Poor authorization & authentication
  • Improper session handling
  • Security decisions via un-trusted inputs
  • Side-channel data leakage
  • Broken cryptography
  • Sensitive information disclosure

Docker, one of the most prevalent deployed container technologies in use today, have just recently addressed container user-security concerns  by separating daily container operation privileges from root privileges on the server host, thus minimizing risk of cross-tenant user namespace and root server/data access.

The Center for Internet Security recently released a series of internet security benchmarks (https://benchmarks.cisecurity.org) resources that, although an independent authority and not a standards body, are based on recommended industry-accepted FISMA, PCI, HIPAA and other system hardening standards to help in mitigating security risk for virtualized container storage infrastructure implementations. Although there are a number of new technology products being introduced specifically focused on unique virtual container data security, what does ‘secure’ really mean in the container-context, ie. secure container access, valid container data, native security of application(s) in the container, etc. ?  Most container data volumes today are tied to a specific virtual server, and if the container fails or is moved from that one server to another, the connection to the data volume is lost (no persistent storage), regardless of employed security parameters. For virtual container data to be truly secure, a fully distributed, reliable, secure read/write container file system must be employed to ensure secure, resilient cloud deployments. Ideally, this can be achieved with a container-native cloud deployment on bare-metal, without the use of virtual machines, making the container’s data lifecycle and application scalability independent of the container’s host, while minimizing the future cost and complexity of provision and management of virtual machine server hosts. That coupled with a hardware-secured, write-once data storage device tier, can truly ensure long-term data storage security irrespective of use or lack of encryption use. Additionally and most importantly, cloud data storage encryption keys, although defined within the facets of the SNIA-based Cloud Data Management Interface (CDMI) key management interoperability protocol (KMIP) proposed standard, requires better wide-spread adoption, as most crypto key management is either at the specific storage device level with a single point of key-access failure or as a Cloud provider-managed option today…Lose the key(s), lose the data, no matter how securely managed or replicated!

Clients acting in the role of using a data storage interface

Some data storage security basics:

  • Physical security is essential.
  • Develop internal storage security standards (authentication/authorization/access control methods, configuration templates, encryption req’s., security architecture, zoning, etc.).
  • Document, maintain and enforce security policies that cover availability, confidentiality and integrity for storage-specific areas.
  • Ensure basic access controls are in place to determine your policies; change insecure access permissions.
  • Unload unnecessary/not-required storage services related to NFS (mountd, statd, and lockd).
  • Limit and control network-based permissions for network volumes and shares.
  • Ensure proper authentication and credential verification is taking place at one or more layers above storage devices (within the host operating system, applications and databases).
  • Operating system, application and database-centric storage safeguards are inadequate. Consider vendor-specific and/or 3rd.party storage security add-ons.
  • Ensure audit logging is taking place for storage security accountability.
  • Perform semi-annual information audits of physical location inventory and critical information assets.
  • Separate storage administration and maintenance accounts with strong passwords for both accountability and to minimize potential compromised-account damage.
  • Encrypting data in transit helps, but should not be relied on exclusively.
  • Carefully consider software-based storage encryption solutions for critical systems (key mgt.).
  • Evaluate and consider hardware-based drive encryption on the client side.
  • Carefully select a unified encryption key management platform that includes centralized key lifecycle management.
  • Deploy Boolean-based file/stream access control expressions (ACE’s) in container environments to simplify permission granting to users/groups across data files/directories while providing an additional data protection level in multi-tenant environments.
  • Evaluate OASIS and XACML policy-based schemas for secure access control.
  • Evaluate and consider write-once data storage technology for long-term archival storage tiers.

Don’t Get Caught With Your Pants Down

Here at Digistor we’re aware of the concern over recent high-profile data breaches – but did you realize the same scalable solution Facebook is implementing for a complete revamping of their secure storage backups is already available to you as a consumer? The need for worry-free systems that offer as much – or as little – space as you need is growing for companies and individuals, alike.

Repeated Violations of Privacy Are More Scandalous than Leaked Photos.

Right on the heels of the cringe-inducing publicity of several high profile hacked iCloud accounts that left a nation of casual cloud-storage users feeling vulnerable, comes another system attack that should have every responsible vendor searching for more secure options.

Home Depot has confirmed that on Monday that hackers were able to break into the chain’s in-store payment systems in what could be the largest known data breach of any retail company’s computer network. According to recent coverage by the NY Times, affected customers could number over 60 million.

Data Breaches Cost More Than Your Reputation

The sheer scale of customers affected by Home Depot’s data breach surpasses last year’s title-holding hacker attack into Target’s systems – An ordeal that affected 40 million customers across the US and Canada.

And if that wasn’t embarrassing enough, Home Depot’s attempts to offer reconciliation include a paltry offering of identity protection and credit monitoring services, which hasn’t deferred customers in Georgia from already filing a class-action lawsuit against the retailer for failing to protect customers from fraud or alerting them in a timely manner.

With companies being held legally liable for the security of their customer’s data, is it any wonder that Facebook kicked off this year by building a Blu-ray storage system? Their 10,000 disc strong system amounts to over a petabyte of energy-efficient, secure data storage.

Digistor’s Solutions Back Up More Than Your Data

The NY Times has reported that

“The Department of Homeland Security and the Secret Service recently estimated that more than 1,000 businesses in the United States had been infected with malware that is programmed to siphon payment card details from cash registers in stores. They believed that many of these businesses did not even know they were sharing customers’ credit card information.”

NPR’s All Tech Considered has coined the phrase Data Breach-Fatigue` when discussing the overwhelming feeling of numbness consumers have regarding the repeated notifications businesses large and small to keep an eagle eye on their accounts.

“We are in the trough of disillusionment,” says Gartner security analyst Avivah Litan. “Over 1,000 retailers have been hit; it’s not limited to Home Depot. There are 999 others that no one’s talking about.”

As a business owner, the fear of a data breach increases with the knowledge that your system’s security is depended upon by others. And when faulty security has the capability to both cripple a company’s good name, and their bottom line if found responsible for restitution, you may find yourself turning to alternatives for secure data storage and archiving.

Dropbox replacing the Hard Drive?

We would like to share this article posted today on readwrite.com. CEO Drew Houston says Dropbox is “replacing the hard drive.”  We are huge fans of Dropbox and use it regularly, however this article makes some great points about potential setbacks of relying solely on the cloud as a data storage solution.

Source: http://readwrite.com/2013/07/16/dropbox-replace-hard-drive

How to: Pause an Archive Mid-burn with REWIND’s Finish Later Feature

REWIND™ is an easy to use data storage application to archive all your digital assets permanently to Blu-ray disc. We give you full control over your Blu-ray hardware. REWIND has the ability to finish your archive on your schedule. We built REWIND with a unique Finish Later feature, to pause your archive mid-burn and let you finish the archive later, picking up right where you left off.

REWIND Archiving software runs on both PC and Mac computers. The Finish Later feature demonstrated below is only available with REWIND. No other Blu-ray burning software to-date has such control of burning Blu-ray discs.

Via: DIGISTOR YouTube Channel
Product Page: REWIND™ Archiving Software for PC and Mac – DIG-RE110