Improving the Security of Storage Systems: Bahrain Case Study

Introduction

In the old days, organizations and enterprises have had almost always a file server that is located in a corner without being used because employees were relying on their local disk drives. Nowadays everything has changed and storage systems are of high importance and of different applications and formations. Storage Systems is becoming a specialization by itself and companies acquire hardware and software storage specialists. The decision of choosing a particular storage system over another for a specific application and the way the system is managed after commissioning is not straight forward and depends on a lot of factors one of which is the cyber security which is the area of research and concern in this paper.

Cyber Security of systems is becoming a major issue worldwide and it is being discussed on the highest level of decision makers. Having this said, the security of important systems which affects the performance of organizations should be assessed and improved. One of these systems is the storage system which has currently a lot of breaches and vulnerabilities in most of the organizations. Some of those vulnerabilities are the lack of access control, weak password policies and ineffective firewall rules.

This study is motivated by the mentioned factors to assess the traditional storage servers from security point of view, and finds a solution to the threats found. In addition, using cloud storage services instead of the traditional storage server is studied from cyber security point of view as well. A model is proposed in conclusion for organizations to consider.

The main objective of this paper to study the security of file storage server of an organization. Different kinds of security threats and a number of security techniques used to protect information will be examined. Thus, this paper is to answer the following questions regarding the cyber security of the current storage system:

• 1.

  What are the current challenges in the current locally hosted storage servers?

• 2.

  What are the security threats of storage servers used in Bahrain?

• 3.

  What are the security techniques which can mitigate these threats?

• 4.

  How the security techniques can be integrated in a one secure system design?

The big transition which has happened in the last decade from paperwork to electronic work and from manual operations to automatic is because of the heuristic magnificent development in computerized systems. Nowadays, a lot of computerized systems and components are a must for any organizational operations. Examples of such systems are: Databases Server, Mail Server, Web Server and Storage Server. Storage systems which are systems of interest in the research of this paper are one of the most important, if not the most, because the whole data that other systems are dependent on resides in it. For this reason storage systems has evolved rapidly in terms of storage medium, architecture, communication protocols, encryption …etc.

Storage systems attracted many authors; they studied their evolution, types, features, access techniques, and architecture (Richeard, 1977; Skondric, Konjicija, 2011; Tripathi, Mishra, 2011;Peng, Zhu, Luo, 2012;).Moreover, securing the storage system is one of the important issues which have been studied by many researches, because of various security attacks and threats (Richardson, 2010; Ateeq, 2012). Therefore, developing security systems to protect the storage systems are needed. A number of researchers have studied the security of storage systems and they proposed different solutions to solve the problems of securing storage systems (Miller, Long, Freeman, Reed, 2001; Niu, et. al., 2007;Stanton,2004; Xu, Jiang,2009).