CAMPBELL, CA – April 24, 2018 – DIGISTOR, the leader in secure data and storage solutions, is pleased to announce that entrepreneur and investor Dave Withers has joined their board of directors. A veteran of multiple successful startups, Withers brings with him a 20 year track record of identifying disruptive technologies and building successful hardware and software businesses as both an operator and investor. Withers joins DIGISTOR to assist the company through their unprecedented growth. Read More…
VaultDisk® is a drive bay built into Small Form Factor PCs and Laptops that allow for the VaultDisk® SSD boot drive to be easily accessed and removed from the system. Once the drive is ejected, it can be cloned, stored safely, swapped out for a different OS or allow the system to boot into an OS with security clearance to access various network security levels. DIGISTOR has provided VaultDisk® solutions for many Small Form Factor machines, as well as beefy desktop-replacement workstation laptops in the past. Now VaultDisk® is available for the 15” Dell Precision 3520, a lighter, thinner, yet still very powerful workstation laptop.
This workstation has quickly become a favorite among system administrators for its speed and highly upgradable capacity. Now that the 15” laptop can be shipped with custom drive bays that host the flexible, bootable VaultDisk® drives, it’s an even more attractive option for professionals required to switch in and out of multiple networks and security levels. With VaultDisk®, the SSD can be swapped with the convenience of an old school floppy drive, without exposing the inner workings of the device itself. For professionals working in the federal, defense, and security industries, this combination of flexibility, power and performance is a no brainer.
CAMPBELL, CA – March 13, 2018 DIGISTOR today announced the release of color identifiable VaultDisk® drives, making the interchangeable solid state storage solution even more useful to companies and organizations hosting a variety of security levels and networks. This subtle yet critically important choice aims to make protected networks even more secure and give employees who use and maintain them a swifter way of distinguishing the drives. Read More…
CAMPBELL, CA – February 20, 2018 – DIGISTOR, the leader in secure data and storage solutions, is pleased to announce that as of January 2, 2018, Chris Persaud has joined the team as Director of Business Development. With a solid background in technology, sales, and defense, Persaud will focus on continuing to bring DIGISTOR’s enterprise level removable storage solution, VaultDisk®, to the federal space. Read More…
CAMPBELL, CA – February 14, 2018 – DIGISTOR, the leader in secure data and storage solutions, is pleased to announce the release of VaultDisk®, a removable solid state SATA drive compatible with the 2.5” industry standard in a smaller, sleeker form factor. This removable, bootable storage solution was designed specifically for the federal space and can be utilized in a variety of Dell workstations and laptop systems. For administrators required to switch in and out of multiple networks and security clearance levels, VaultDisk® provides a game changing solution. Read More…
Storing digital data successfully requires a balance of availability, cost, performance and reliability. With the emergence of low-power, petabyte-scale archival storage and flash-based systems, it is getting increasingly difficult to quantify performance, reliability and space-efficiency trade-offs, especially when coupled with storage-security factors. Storage performance is measured by latency, throughput (bandwidth) and IOPS, with throughput typically presented as overall sustained (long) and peak (short) performance transfer rates, and has a wide variety of non-uniform and unique measurement views when storage security is employed.
Although much work has been done on defining, testing and implementing mechanisms to safeguard data storage in long-term archival storage systems, data security verification in our cloud-based, mobile-driven, virtual containerized software-defined remote storage world, remains a unique and ongoing challenge.
Data security can be ensured in a variety of ways depending on the level of security desired, performance and the level of tolerance of user-inconvenience. Most storage systems rely on encrypting data over the wire or by on-disk data encryption, typically using pre-computed checksums and secure hashes, but with no standardized parameters or protocol for comparison between network or on-disk performance and integrity while in actual use.
In today’s multi-tenant virtualized container storage environments, containers depend on a different approach to virtualization, ie. they are not the hardware of things and how a guest O/S runs on top of all that (cpu/memory/network/storage), as containerization separates users and processes from each other. Multi-tenant security is especially important with the heavy reliance on 24xforever mobile data access from containerized cloud storage, where the top-10 security issues identified in 2015 by OWASP (www.owasp.org) were:
- Insecure data storage;
- Weak server-side controls;
- Insufficient transport layer protection;
- Client-side injection;
- Poor authorization & authentication
- Improper session handling
- Security decisions via un-trusted inputs
- Side-channel data leakage
- Broken cryptography
- Sensitive information disclosure
Docker, one of the most prevalent deployed container technologies in use today, have just recently addressed container user-security concerns by separating daily container operation privileges from root privileges on the server host, thus minimizing risk of cross-tenant user namespace and root server/data access.
The Center for Internet Security recently released a series of internet security benchmarks (https://benchmarks.cisecurity.org) resources that, although an independent authority and not a standards body, are based on recommended industry-accepted FISMA, PCI, HIPAA and other system hardening standards to help in mitigating security risk for virtualized container storage infrastructure implementations. Although there are a number of new technology products being introduced specifically focused on unique virtual container data security, what does ‘secure’ really mean in the container-context, ie. secure container access, valid container data, native security of application(s) in the container, etc. ? Most container data volumes today are tied to a specific virtual server, and if the container fails or is moved from that one server to another, the connection to the data volume is lost (no persistent storage), regardless of employed security parameters. For virtual container data to be truly secure, a fully distributed, reliable, secure read/write container file system must be employed to ensure secure, resilient cloud deployments. Ideally, this can be achieved with a container-native cloud deployment on bare-metal, without the use of virtual machines, making the container’s data lifecycle and application scalability independent of the container’s host, while minimizing the future cost and complexity of provision and management of virtual machine server hosts. That coupled with a hardware-secured, write-once data storage device tier, can truly ensure long-term data storage security irrespective of use or lack of encryption use. Additionally and most importantly, cloud data storage encryption keys, although defined within the facets of the SNIA-based Cloud Data Management Interface (CDMI) key management interoperability protocol (KMIP) proposed standard, requires better wide-spread adoption, as most crypto key management is either at the specific storage device level with a single point of key-access failure or as a Cloud provider-managed option today…Lose the key(s), lose the data, no matter how securely managed or replicated!
Some data storage security basics:
- Physical security is essential.
- Develop internal storage security standards (authentication/authorization/access control methods, configuration templates, encryption req’s., security architecture, zoning, etc.).
- Document, maintain and enforce security policies that cover availability, confidentiality and integrity for storage-specific areas.
- Ensure basic access controls are in place to determine your policies; change insecure access permissions.
- Unload unnecessary/not-required storage services related to NFS (mountd, statd, and lockd).
- Limit and control network-based permissions for network volumes and shares.
- Ensure proper authentication and credential verification is taking place at one or more layers above storage devices (within the host operating system, applications and databases).
- Operating system, application and database-centric storage safeguards are inadequate. Consider vendor-specific and/or 3rd.party storage security add-ons.
- Ensure audit logging is taking place for storage security accountability.
- Perform semi-annual information audits of physical location inventory and critical information assets.
- Separate storage administration and maintenance accounts with strong passwords for both accountability and to minimize potential compromised-account damage.
- Encrypting data in transit helps, but should not be relied on exclusively.
- Carefully consider software-based storage encryption solutions for critical systems (key mgt.).
- Evaluate and consider hardware-based drive encryption on the client side.
- Carefully select a unified encryption key management platform that includes centralized key lifecycle management.
- Deploy Boolean-based file/stream access control expressions (ACE’s) in container environments to simplify permission granting to users/groups across data files/directories while providing an additional data protection level in multi-tenant environments.
- Evaluate OASIS and XACML policy-based schemas for secure access control.
- Evaluate and consider write-once data storage technology for long-term archival storage tiers.
Here at Digistor we’re aware of the concern over recent high-profile data breaches – but did you realize the same scalable solution Facebook is implementing for a complete revamping of their secure storage backups is already available to you as a consumer? The need for worry-free systems that offer as much – or as little – space as you need is growing for companies and individuals, alike.
Repeated Violations of Privacy Are More Scandalous than Leaked Photos.
Right on the heels of the cringe-inducing publicity of several high profile hacked iCloud accounts that left a nation of casual cloud-storage users feeling vulnerable, comes another system attack that should have every responsible vendor searching for more secure options.
Home Depot has confirmed that on Monday that hackers were able to break into the chain’s in-store payment systems in what could be the largest known data breach of any retail company’s computer network. According to recent coverage by the NY Times, affected customers could number over 60 million.
Data Breaches Cost More Than Your Reputation
The sheer scale of customers affected by Home Depot’s data breach surpasses last year’s title-holding hacker attack into Target’s systems – An ordeal that affected 40 million customers across the US and Canada.
And if that wasn’t embarrassing enough, Home Depot’s attempts to offer reconciliation include a paltry offering of identity protection and credit monitoring services, which hasn’t deferred customers in Georgia from already filing a class-action lawsuit against the retailer for failing to protect customers from fraud or alerting them in a timely manner.
With companies being held legally liable for the security of their customer’s data, is it any wonder that Facebook kicked off this year by building a Blu-ray storage system? Their 10,000 disc strong system amounts to over a petabyte of energy-efficient, secure data storage.
Digistor’s Solutions Back Up More Than Your Data
The NY Times has reported that
“The Department of Homeland Security and the Secret Service recently estimated that more than 1,000 businesses in the United States had been infected with malware that is programmed to siphon payment card details from cash registers in stores. They believed that many of these businesses did not even know they were sharing customers’ credit card information.”
NPR’s All Tech Considered has coined the phrase Data Breach-Fatigue` when discussing the overwhelming feeling of numbness consumers have regarding the repeated notifications businesses large and small to keep an eagle eye on their accounts.
“We are in the trough of disillusionment,” says Gartner security analyst Avivah Litan. “Over 1,000 retailers have been hit; it’s not limited to Home Depot. There are 999 others that no one’s talking about.”
As a business owner, the fear of a data breach increases with the knowledge that your system’s security is depended upon by others. And when faulty security has the capability to both cripple a company’s good name, and their bottom line if found responsible for restitution, you may find yourself turning to alternatives for secure data storage and archiving.
We would like to share this article posted today on readwrite.com. CEO Drew Houston says Dropbox is “replacing the hard drive.” We are huge fans of Dropbox and use it regularly, however this article makes some great points about potential setbacks of relying solely on the cloud as a data storage solution.
REWIND™ is an easy to use data storage application to archive all your digital assets permanently to Blu-ray disc. We give you full control over your Blu-ray hardware. REWIND has the ability to finish your archive on your schedule. We built REWIND with a unique Finish Later feature, to pause your archive mid-burn and let you finish the archive later, picking up right where you left off.
REWIND Archiving software runs on both PC and Mac computers. The Finish Later feature demonstrated below is only available with REWIND. No other Blu-ray burning software to-date has such control of burning Blu-ray discs.
Via: DIGISTOR YouTube Channel
Product Page: REWIND™ Archiving Software for PC and Mac – DIG-RE110
That is exactly what I asked myself about a month before my Playstation 3 hard drive crashed on me. While I have always been cautious about my computer back-ups and archiving precious documents I never spent time thinking about all the media files I keep on my PS3. Then one day my Playstation 3 hard drive crashed and all my content was gone! I had years of movies, music and photos accumulated and it was now all gone. I was upset about this and wondered why there was not a very easy way to back up your Playstation 3.
So the next day I came into the DIGISTOR offices and spoke to some of our design engineers wondering why there was not a simple and inexpensive way to backup your Playstation 3? It ends up our awesome engineering team already had a solution they had been using internally and testing was nearly complete! There had been a lot of talk about the value of an external media and backup drive for Playstation 3, but we were not sure of the markets interest level of such a product. I asked our lab for one of their prototypes and sent some home with our employees to use. The conclusion was that this DIGISTOR Playstation 3 hard drive was very easy to use and we thought our customers would also enjoy the ability to easily back-up their entire PS3 operating system. Once we had completed our development process we put the new product for sale online and at a few of our distributors to see if our customers agreed. We were pleasantly surprised to see how many people had the same problem as I did and with no other easy-to-use inexpensive solution on the market, our PS3 backup drive took off!
You can now back up your entire PS3 using the Playstation backup utility to the DIGISTOR™ Hard Drive for PS3 and also play back video files – any standard or high definition Divx or MPEG files (with no copy protection and < 4GB). Completely portable powering off of USB with no A/C adapters needed.
View photos and images using the PS3 Photo album rendering system, as well as Listen to your audio files, complete with album art (files with no copy protection).
When we first released this product a few years back, it was just an idea our engineers thought would help a few people. Now we have extended the models to include Xbox 360 and PS3 both at 500GB & 1TB models based on customer demand. This is a very easy to use product that will give you an extra layer of security for all of your media files stored on your gaming device, and we learned something very important: We learned to build products we think are cool and solve a problem, regardless of how much perceived value is in such a solution. Do yourself a favor and make sure and take care to back-up all your media files or your entire PS3 OS before that hard drive crashes!