5 Top Direct-Attached Storage (DAS) Trends in 2022

Enterprise Storage Forum content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Direct-attached storage (DAS) used to be the only kind of storage that existed. All of the data resided on the client device. Then organizations realized that they could gain economies of scale and increase collaboration by centralizing data and sharing it over the network. First servers were used as the place where data was stored – users accessed the server to retrieve their data. 

But as the volume of data grew, this became cumbersome. network-attached storage (NAS) and storage area networks (SANs) arrived on the scene as the next stage of the centralization of storage. However, DAS never went away. Every PC and every laptop contains some DAS. Those used by consumers are primarily DAS devices. Corporate laptops, even those that harness a virtual desktop model where the data is stored centrally, still contain some local storage. But the bulk of PCs and laptops remain DAS-centric. 

Here are some of the top trends in DAS: 

1. Better data protection 

Jason Lohrey, CTO at Arcitecta, said that regardless of whether the data is in DAS, SAN, NAS, or the cloud, the increasing prevalence of ransomware is leading users to seek better options for protecting their data. 

“Storage vendors understand the threats and are attempting to add resilience mechanisms to thwart ransomware attacks,” he said. 

2. Last line of defense 

Some of the obvious security safeguards for DAS, or any storage, include:

  • Surveillance to identify unusual behavior that might be deemed a ransomware attack
  • Creating immutable copies of data that can be restored in the event of an attack

“These methods sit outside the filesystem using integrations via the filesystem APIs and change logs,” said Lohrey. “These approaches are typically classed as a last line of defense – they work enabling recovery in hours, days and sometimes weeks. Whilst that avoids the need to capitulate to ransomware re attackers, it can still mean there is a significant impact to business operations.”  

3. First line of defense 

As a result, we are seeing a trend towards additional layers of security in order to provide strength in depth. Heading into 2023, there will be an increased focus on what could be called first line of defense where attacks are stopped altogether or can be immediately unwound without recourse to backups. That will achieve a recovery point objective (RPO) and recovery time objective (RTO) that approach, if not reach, zero.

“An RPO or RTO that is greater than zero is a compromise that exposes customers increased risk of data and financial loss,” said Lohrey. “Customers should push vendors to achieve RPO and RTO of as close to zero as possible and seek out resilience solutions that achieve those objectives.”

4. Anomaly identification 

Anomaly identification continues to be one of the better methods for network-based threat detection and will trend that way in 2022 and the future most likely – for both DAS and network-based storage, according to Tim Silverline, VP of Security at Gluware.  Why? Threat actors have become adept at hiding malicious traffic flows in a variety of ways that limit the effectives of traditional signature-based threat detection solutions. 

“To detect and respond to advanced persistent threat (APT) style attacks using anomalous behavior as a starting point can better identify these hidden threats,” said Silverline.  

5. Talent shortage 

Although DAS continues to be prevalent, users within corporate networks need all the help they can get from enterprise IT. Yet there is an ongoing shortage of skilled security talent. If IT is struggling to keep up to date with trouble tickets or is drowning in security challenges, it should look to augment its in-house skill sets by bringing in outside providers or using cloud services. 

“As the cyber security talent shortage continues, leveraging outside help to more quickly detect and respond to threats in real-time is a necessity for many organizations,” said Silverline. “This is especially true for smaller organizations that want to be able to monitor around the clock while their employees are sleeping.  Since threat actors will often plan their attacks during these times to evade detection.”

Organization should be asking themselves if they have a solution for detecting anomalous behavior in their network and planning a strategy to achieve this goal if not. Additionally, they should ensure that they have the resources to properly analyze alerts from all of their toolsets 24/7 and consider some of the many managed detection and response services out there to fill any gaps in either talent or time coverage.

Drew Robb
Drew Robb
Drew Robb is a contributing writer for Datamation, Enterprise Storage Forum, eSecurity Planet, Channel Insider, and eWeek. He has been reporting on all areas of IT for more than 25 years. He has a degree from the University of Strathclyde UK (USUK), and lives in the Tampa Bay area of Florida.

Get the Free Newsletter!

Subscribe to Cloud Insider for top news, trends, and analysis.

Latest Articles

15 Software Defined Storage Best Practices

Software Defined Storage (SDS) enables the use of commodity storage hardware. Learn 15 best practices for SDS implementation.

What is Fibre Channel over Ethernet (FCoE)?

Fibre Channel Over Ethernet (FCoE) is the encapsulation and transmission of Fibre Channel (FC) frames over enhanced Ethernet networks, combining the advantages of Ethernet...

9 Types of Computer Memory Defined (With Use Cases)

Computer memory is a term for all of the types of data storage technology that a computer may use. Learn more about the X types of computer memory.