5 Top Network-Attached Storage (NAS) Security Trends 

Enterprise Storage Forum content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Network-attached storage (NAS) is in heavy use throughout the enterprise. Instead of data being housed on each server or beside each application, it is corralled into NAS boxes as a means of storing data centrally. The benefits are convenience, performance, and storage efficiency. But there is a potential downside. If the bad guys can get in, they can do damage to information that impacts a broad range of users, applications, and systems. Hence, the profile of NAS security has been raised in recent years. 

Here are some of the top trends in NAS security: 

1. Edge NAS 

NAS is well known in the data center. Organizations often have multiple NAS units on-premises on which they store their data. But now NAS is making its way out to the edge. Edge data centers are a growing use case for NAS. 

“A key trend I see happening is that the reach of NAS is extending from centralized enterprise data centers out to enterprise edge deployments, as well as into small-to-medium businesses (SMB) environments,” said Surya Varanasi, CTO of StorCentric. “Driving this trend are advancements in ease of management and functionality, as well as new NAS solutions entering the market in form factors and at price points that make them cost-effective for those deploying them across numerous edge deployments, as well as for SMBs.” 

More users, therefore, can afford and benefit from features that were previously reserved for enterprise data centers. This includes in-line compression, Active Directory (AD) support, data-at-rest encryption and data sharing, as well as additional advanced data backup, protection and security capabilities.

2. Immutable storage 

Immutable storage is data that cannot be edited, altered, or deleted. Once it is written, it cannot thereafter be changed. This is important for compliance, but also for security. Ransomware, for example, blocks access to data and if the ransom isn’t paid, the data is altered and rendered unusable. Immutable storage is a safeguard against this. It is being implemented broadly across NAS platforms. 

“Immutable storage will become more prevalent in NAS solutions throughout 2023,” said Travis Johnston, Director, Market Strategy, Folio Photonics. “This is driven by the fact that malicious actors are launching increasingly complex attacks every day while storage volumes continue to grow. This means that users should start thinking about implementing, or planning to implement, immutable storage into their NAS solution to better protect their digital assets from cyberattacks.”

3. The end of data copy proliferation 

Organizations have been plagued by copies of data in NAS environments being placed on uncontrolled or unknown storage locations. This proliferation of copies puts valuable or confidential data outside the control of IT systems that control access and compliance. It represents a significant security threat. IT may think it has good security over NAS systems. Yet there may be copies of the data lurking in some unprotected area. Security personnel have now realized this. They are putting an end to the proliferation of data copy creation outside the systems under their control. 

“Users and administrators both should be looking for software solutions that make copies when and where needed (for data protection, analytics, collaboration) without moving the data to a location out of the control and audit path of the management software,’ said Molly Presley, Senior Vice President of Marketing at Hammerspace

4. Requirements for global audit 

NAS data has become siloed as hybrid cloud environments for unstructured file data have become more common. Data is copied and spread across multiple purpose-built vendor storage systems at the edge, in data centers, and in the cloud. There needs to be some way of keeping track of all this, auditing how and where data is copied, and how well an organization is complying with a wide range of applicable data protection and privacy mandates. 

“Security officers and IT teams focused on compliance and tracking of activity with unstructured file data will begin to make Global Audit a requirement in data orchestration and data management software selection,” said Presley. “They should be looking for solutions that create an audit log of all file system activities across the hybrid cloud.” 

5. NAS sniffing 

The Security Technical Work Group of the Storage Networking Industry Association (SNIA) called attention to the fact that cybercriminals can and do attempt unauthorized observation of network traffic that could constitute a data breach. For NAS users, protections should be enabled to guard against traffic sniffing when using certain NAS protocols. SNIA’s recommendation is to institute remote procedure call encryption by default on NAS systems.

Drew Robb
Drew Robb
Drew Robb is a contributing writer for Datamation, Enterprise Storage Forum, eSecurity Planet, Channel Insider, and eWeek. He has been reporting on all areas of IT for more than 25 years. He has a degree from the University of Strathclyde UK (USUK), and lives in the Tampa Bay area of Florida.
Get the Free Newsletter!
Subscribe to Cloud Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter!
Subscribe to Cloud Insider for top news, trends & analysis
This email address is invalid.

Latest Articles

10 Top Data Storage Certifications

Get up-to-date on the best data storage certifications for 2023. Learn which certifications are best for data storage engineers, administrators, and managers.

6 Best Data Storage Solutions and Software for 2023

Data storage solutions organize and backup enterprise data. Explore the top data storage software and vendors now.

The Top 6 NAS (Network Attached Storage) Devices of 2023

Looking for the best NAS devices for 2023? Compare the top NAS devices from leading manufacturers and find the perfect one for your needs now.