Security and network management top concerns

In the wake of last month’s terrorist attacks, IT managers and industry experts at the Storage Networking World conference in Orlando say IT budgets have never been tighter and they will never look at disaster recovery or security of customer information the same way again.

Many of those attending Storage Networking World agreed that another emerging concern is that companies are in danger of being sued if a customer’s data is stolen or “hijacked” and damages result from the release of information such as credit card or account data.

Michael Vatis, director of the Institute for Security Technology Studies at Dartmouth College in Hanover, N.H., also warned the approximately 1,400 conference attendees that CIOs and other executives need to be more alert to hiring practices.

“If we have terrorists who are sleepers who’ve been here for years . . . we need continue to worry about who we hire as employees, as contractors,” he said. “Who has access to our systems?”

In order to improve security, storage administrators will eventually be asked to create more distributed networked storage systems at multiple sites rather than one or two massive backup or disaster recovery centers, “so no one incident can take the whole system down,” Vatis predicted.

“Technology offers us wonderful opportunities for efficiency, but if it’s taken over – if it’s hijacked in some way by somebody who wants to do harm – the opportunities to do harm and to create massive detrimental impacts is greater than ever,” he said.

An end-user panel discussion moderated by Computerworld US editor-in-chief Maryfran Johnson, concluded that financial services firms and other large enterprises are under pressure to scrutinize who has access to what information, as well as to find new software security and management tools.

“We need a solution that works for us and not one that is vendor-specific – that’s open and available as possible,” said George Vrabel, a senior vice-president at Charlotte, N.C.-based Bank of America Corp.

Panelists also said they would be willing to outsource in these tight economic times but warned about scrutinizing service-level agreements to ensure that companies actually get what is being sold to them.

“You have to look at the depth of their staff and get a commitment that the team you’re being presented with is the team that’s going to support you,” said Brian Cobb, director of systems engineering at Reston, Va.-based Sallie Mae Corp.

“You have to understand what’s going on and upfront have an exit strategy,” said Vrabel. “[You need to say] what happens if it doesn’t work, rather than saying, ‘Hey, this isn’t working too well.'”

The panel also took vendors to task for not providing open software tools.

A poll of the audience conducted through an electronic device showed that 79 per cent of attendees felt that incompatibility among vendor systems has had a negative impact on their IT infrastructures. In another poll, the audience indicated that a lack of storage management tools is an increasing problem as networks continue to grow.

The ability to purchase even the most basic tools, however, has become difficult, with extreme belt-tightening occurring in IT shops.

Rowland Ellison, a senior technical specialist at Memphis-based FedEx Corp. who manages a data centre, was patrolling the exhibition floor yesterday seeking out the latest storage technologies, even though he knew he couldn’t buy them. Ellison said his executive management has told him that in order to avoid further layoffs, he must make use of the IT infrastructure he now has.

Diane McPadden, a systems administrator at Melbourne, Fla.-based Harris Corp., said she had been planning to put together a Fibre Channel storage-area network but is now being forced to delegate half of her company’s storage to less-expensive network-attached storage. “We’re hurting for disk space and management tools,” she said.

The lack of robust storage management tools is a common cry among conference attendees. Most have said that vendors just don’t “get it” and that they need software that will let them allocate storage and automatically load-balance between systems instead of just let them view networks.

McPadden said that if she was able to track storage use, she could make chargebacks to various departments.

“Vendors have come a long way, but they still have a ways to go,” she said.