It might seem unbelievable, but there was a time when cars didn't come with locks on their doors, much less any of the complicated security systems we've grown accustomed to seeing today. I'm not old enough to have direct memories of those days, but owning and operating a car in that bygone era must have been a carefree experience. There was, after all, no worrying about seatbelt laws and little thought needed to be given to vandalism or theft.
Fast forward several decades, and you'll find that today's storage devices have something in common with early cars: Neither of them have locks to protect what's inside from the bad guys.
Fortunately, things seem to be changing rather quickly, and in a few years unprotected storage devices will probably seem as old-fashioned as those early automobiles seem today.
For example, you may remember Symantec's acquisition of Veritas from one of my recent columns. This deal, at least on paper, promises to merge the storage and data protection prowess of both major vendors.
Not to shortchange the importance of the Symantec-Veritas deal, but these are software companies; they don't build boxes. And the impact on security is greater when storage hardware vendors focus their attention on data protection -- just as the manufacturers of the unsecured cars in my analogy eventually put locks on their doors.
Two big vendors do seem to be serious about wrapping a security shield around their devices: NetApp, with its plans to buy storage security vendor Decru, and Seagate, with its first independently encryptable laptop drive.
EMC, another big name, may be coming around as well. The company just held its Analyst Day 2005 on Aug. 4 in New York, and the EMC brass had much to say during that event, such as laying out future plans for the company's ILM (information lifecycle management) strategy and announcing new disk-based backup solutions. If you have a few hours to spare, a Webcast is available at www.emc.com.
In my view, the most important announcement that EMC made at that event -- a first for the company -- is that it plans to inject security into all of its products.
"Customers are not asking, they are demanding security," said EMC President and CEO Joe Tucci, who presented an image of EMC's Information Infrastructure (in essence, the enterprise infrastructure, branded EMC) with a closed lock in each box to indicate how pervasive security will become (note the future tense) in their products.
"What we need to do is to permeate security in our Information Infrastructure," Tucci added.
Why am I so excited about this? Because EMC has a large portfolio spanning everything from entry-level to top-tier enterprise storage; therefore, if it acts on the words of the CEO, and I see no reason why it shouldn't, secure storage solutions will be available to customers of all sizes.
Needless to say, EMC competitors will have to do some damage control and play the "me too" game. EMC is admittedly doing the same now, following Symantec and NetApp on that "security plus information" path.
"I'll say this just once," Tucci said, when asked his thoughts on Symantec's and NetApp's plans. "They are absolutely right [in] merging information and security."
I'll let those words resonate, but get ready for yet another TLA (three-letter acronym) from EMC: ISM, which stands for information security management.
"ISM will permeate everything" are EMC's final words on security. Let's see how that will translate into real products.