Ensuring security in an ever-increasing data hungry world

Date Published: February, 03, 2020

By Jim Hatfield, Chair of the Storage Work Group in the Trusted Computing Group (TCG)

The era of data-centric computing is here and fortunately data storage is more effective than ever. New applications and platforms are creating vast quantities of data which needs analysing, not just archiving. Big data applications like Artificial Intelligence (AI) and Machine Learning (ML) need access to ever larger pools of information, and Internet of Things (IoT) projects all add to this flood of information.

The adoption of these new applications and platforms is growing rapidly, bringing with it a variety of new challenges that the Trusted Computing Group (TCG) has already put in motion to address.

As storage has become more important, it has also become more flexible with less of the lock-in of older technologies. The storage function has evolved rapidly over the last 10 years in response to needs and cost pressures. It is more likely for enterprises today to have a hybrid storage system encompassing persistent memory, SSDs, HDDs and cloud storage at the very least – making security across the range of systems integral.

Data acceleration

By 2020, every person will generate 1.7 megabytes in just one second, according to Domo. With huge amounts of data available, the storage of this data needs to be at the forefront of IT executives’ and operators’ minds.

Data storage has evolved more in the last 10 years than over the 25 years before that, and the rate of change is accelerating, regardless of the industry. Trend-heavy industries such as food, fashion, entertainment and social media must gather and analyse masses of streaming time-series data to understand and predict where their markets are going. As storage costs continue to decline at 25-40% annually, more and more applications will become economic, further increasing demand for storage.

As the adoption of new applications and the data they bring continues to grow exponentially, the need for safe and secure storage also grows too. As a direct response to this, the TCG Storage Work Group is building on the existing technologies of TCG to develop specifications and practices to enable operators to harden the security of a storage device. Through specified protocols enabled by TCG Storage Work Group specifications, operators are able to collect sufficient information from endpoints and have it delivered in a manner that preserves its suitability to determine endpoint integrity.

Looking ahead

TCG’s storage specifications are successfully incorporated across the industry, but as technology advances and becomes more intelligent, we need to adapt and overcome the challenges this brings. The Storage Work Group is responsible for delivering the specifications needed to achieve maximum security, no matter what type of storage interface is used.

Recently, TCG’s Storage Work Group has published the following new specifications:

  • TCG Storage Security Subsystem Class: Ruby Specification Version 1.0 Revision 1.0
  • TCG Storage Application Note: Configurable Namespace Locking Examples Version 1.0 Revision 1.0
  • TCG Storage Interface Interactions Specification (SIIS) Version 1.08 Revision 1.0
  • TCG Storage Opal Family Test Cases Specification Version 1.08 Revision 1.0

These new specifications and standards further reinforce TCG’s commitment to defining the same security services across the wide range of security controller interfaces.

Storage will remain about cost, ease of management and an overriding need for ever faster growth. Assuming applications continue to consume ever-growing quantities of data then the storage function will continue to grow too, making the security of these devices critical.

If you are interested in participating in the Storage Work Group, please get in touch by emailing [email protected]

Join

Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.

Join Now

Trusted Computing

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.

Read more

Specifications

Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.

Read more