| PDF Pages<\/th>\n | PDF Title<\/th>\n<\/tr>\n | ||||||
|---|---|---|---|---|---|---|---|
| 7<\/td>\n | Foreword <\/td>\n<\/tr>\n | ||||||
| 8<\/td>\n | Introduction <\/td>\n<\/tr>\n | ||||||
| 9<\/td>\n | 1 Scope 2 Normative references 3 Terms and definitions 3.1 General <\/td>\n<\/tr>\n | ||||||
| 10<\/td>\n | 3.2 Terms relating to storage technology <\/td>\n<\/tr>\n | ||||||
| 12<\/td>\n | 3.3 Terms relating to sanitization <\/td>\n<\/tr>\n | ||||||
| 13<\/td>\n | 3.4 Terms relating to availability 3.5 Terms relating to security and cryptography <\/td>\n<\/tr>\n | ||||||
| 14<\/td>\n | 3.6 Terms relating to archives and repositories <\/td>\n<\/tr>\n | ||||||
| 16<\/td>\n | 3.7 Miscellaneous terms 4 Symbols and abbreviated terms <\/td>\n<\/tr>\n | ||||||
| 20<\/td>\n | 5 Structure of this document 5.1 Clauses 5.2 Controls <\/td>\n<\/tr>\n | ||||||
| 21<\/td>\n | 6 Overview and concepts 6.1 General 6.2 Storage concepts <\/td>\n<\/tr>\n | ||||||
| 22<\/td>\n | 6.3 Introduction to storage security <\/td>\n<\/tr>\n | ||||||
| 25<\/td>\n | 6.4 Storage security risks 6.4.1 Background 6.4.2 Data breaches <\/td>\n<\/tr>\n | ||||||
| 26<\/td>\n | 6.4.3 Data corruption or destruction <\/td>\n<\/tr>\n | ||||||
| 27<\/td>\n | 6.4.4 Temporary or permanent loss of access\/availability 6.4.5 Failure to meet statutory, regulatory, or legal requirements 7 Organizational controls for storage 7.1 General <\/td>\n<\/tr>\n | ||||||
| 28<\/td>\n | 7.2 Align storage and policy <\/td>\n<\/tr>\n | ||||||
| 29<\/td>\n | 7.3 Business continuity management <\/td>\n<\/tr>\n | ||||||
| 30<\/td>\n | 7.4 Compliance <\/td>\n<\/tr>\n | ||||||
| 31<\/td>\n | 8 People controls for storage <\/td>\n<\/tr>\n | ||||||
| 32<\/td>\n | 9 Physical controls for storage 9.1 General 9.2 Physically secure storage <\/td>\n<\/tr>\n | ||||||
| 33<\/td>\n | 9.3 Protect physical interfaces to storage 9.4 Isolation of storage systems <\/td>\n<\/tr>\n | ||||||
| 34<\/td>\n | 10 Technological controls for storage 10.1 General <\/td>\n<\/tr>\n | ||||||
| 35<\/td>\n | 10.2 Design and implementation of storage security 10.2.1 General 10.2.2 Storage security design principles <\/td>\n<\/tr>\n | ||||||
| 37<\/td>\n | 10.2.3 Storage system quality attributes <\/td>\n<\/tr>\n | ||||||
| 40<\/td>\n | 10.2.4 Retention, preservation, and disposal of data 10.3 Storage systems security 10.3.1 System hardening <\/td>\n<\/tr>\n | ||||||
| 41<\/td>\n | 10.3.2 Security auditing, accounting, and monitoring <\/td>\n<\/tr>\n | ||||||
| 44<\/td>\n | 10.3.3 Storage vulnerability management 10.4 Storage management 10.4.1 Background <\/td>\n<\/tr>\n | ||||||
| 45<\/td>\n | 10.4.2 Authentication and authorization <\/td>\n<\/tr>\n | ||||||
| 46<\/td>\n | 10.4.3 Secure the management interfaces <\/td>\n<\/tr>\n | ||||||
| 48<\/td>\n | 10.5 Data confidentiality 10.5.1 General <\/td>\n<\/tr>\n | ||||||
| 49<\/td>\n | 10.5.2 Encryption and key management issues 10.5.3 Encryption of storage <\/td>\n<\/tr>\n | ||||||
| 52<\/td>\n | 10.5.4 Encrypting transferred data <\/td>\n<\/tr>\n | ||||||
| 53<\/td>\n | 10.5.5 Encrypting data at rest <\/td>\n<\/tr>\n | ||||||
| 54<\/td>\n | 10.6 Storage sanitization 10.6.1 General <\/td>\n<\/tr>\n | ||||||
| 55<\/td>\n | 10.6.2 Selection of sanitization methods <\/td>\n<\/tr>\n | ||||||
| 56<\/td>\n | 10.6.3 Media-based sanitization 10.6.4 Logical sanitization <\/td>\n<\/tr>\n | ||||||
| 57<\/td>\n | 10.6.5 Cryptographic erase <\/td>\n<\/tr>\n | ||||||
| 58<\/td>\n | 10.6.6 Verification of storage sanitization <\/td>\n<\/tr>\n | ||||||
| 59<\/td>\n | 10.6.7 Proof of sanitization <\/td>\n<\/tr>\n | ||||||
| 60<\/td>\n | 10.7 Direct Attached Storage (DAS) 10.8 Storage networking 10.8.1 Background <\/td>\n<\/tr>\n | ||||||
| 61<\/td>\n | 10.8.2 Storage Area Networks (SAN) <\/td>\n<\/tr>\n | ||||||
| 66<\/td>\n | 10.8.3 Network Attached Storage (NAS) protocols <\/td>\n<\/tr>\n | ||||||
| 68<\/td>\n | 10.9 Block-based storage 10.9.1 Fibre Channel (FC) storage <\/td>\n<\/tr>\n | ||||||
| 69<\/td>\n | 10.9.2 IP storage 10.10 File-based storage 10.10.1 General <\/td>\n<\/tr>\n | ||||||
| 70<\/td>\n | 10.10.2 NFS-based NAS 10.10.3 SMB-based NAS <\/td>\n<\/tr>\n | ||||||
| 71<\/td>\n | 10.11 Cloud computing storage 10.11.1 Securing cloud computing storage <\/td>\n<\/tr>\n | ||||||
| 72<\/td>\n | 10.11.2 CDMI security <\/td>\n<\/tr>\n | ||||||
| 73<\/td>\n | 10.12 Object-based storage 10.13 Data reductions <\/td>\n<\/tr>\n | ||||||
| 74<\/td>\n | 10.14 Data protection and recovery 10.14.1 General <\/td>\n<\/tr>\n | ||||||
| 75<\/td>\n | 10.14.2 Storage backups 10.14.3 Storage replication <\/td>\n<\/tr>\n | ||||||
| 76<\/td>\n | 10.14.4 Continuous data protection (CDP) 10.15 Data archives and repositories 10.15.1 General 10.15.2 Data Archives <\/td>\n<\/tr>\n | ||||||
| 80<\/td>\n | 10.15.3 Data Repositories <\/td>\n<\/tr>\n | ||||||
| 81<\/td>\n | 10.16 Virtualization 10.16.1 Storage virtualization <\/td>\n<\/tr>\n | ||||||
| 82<\/td>\n | 10.16.2 Storage for virtualized systems <\/td>\n<\/tr>\n | ||||||
| 83<\/td>\n | 10.17 Secure multi-tenancy <\/td>\n<\/tr>\n | ||||||
| 84<\/td>\n | 10.18 Secure autonomous data movement <\/td>\n<\/tr>\n | ||||||
| 86<\/td>\n | Annex\u20acA (informative) Storage security controls summary <\/td>\n<\/tr>\n | ||||||
| 94<\/td>\n | Bibliography <\/td>\n<\/tr>\n | ||||||
| 98<\/td>\n | Index <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":" BS EN ISO\/IEC 27040. Information technology. Security techniques. Storage security<\/b><\/p>\n |