Attack class: Close-in
Description: Attacks by an unauthorized user who is in close physical proximity to networks, systems, or
facilities. The user may attempt to gather or modify information, or deny authorized users
access to information.

Attack class: Insider
Description: Unauthorized attacks by an authorized user can be malicious or nonmalicious.
Malicious attackers can:
• Eavesdrop
• Steal or damage data
• Use data for fraudulent purposes
• Deny authorized users access
Nonmalicious attacks can result from:
• Carelessness
• Lack of knowledge
• Circumventing security for nonmalicious purposes to perform tasks

Attack class: Distribution
Description: Attacks due to modifications to hardware or software made at the factory or during
distribution. Distribution attacks can insert malicious code in a product, which can allow
future unauthorized access to the system.
Storage security compliance
Compliance ensures that a storage system meets specific criteria established by law or regulation.
Retention of electronic records is mandated by statutory and regulatory law.
Data security regulations are enacted by international governments and U.S. federal and state
governments. All storage systems must comply with local regulations. Table 194 lists some of the U.S.
and international security regulations.
Table 194 U.S. and international security regulations

International regulations
• European Union Data Protection Directive of 1995
• Canada: Personal Information Protection and Electronic Documents Act (PIPEDA)
• Australia: Privacy Act 1988
• Japan: Personal Information Protection Act
• UK: Data Protection Act 1998
• New Zealand: Privacy Act 1993

U.S. federal and state regulations
• Sarbanes-Oxley (SOX) Act of 2002
• Gramm-Leach-Bliley Act (GLBA) of 1999
• Securities and Exchange Commission Act (SEC) rules 17a-3 and 17a-4
• Department of Energy (DOE) 10 CFR 600.153 Retention and access requirements for records
• California Data Security Act (SB 1386/AB 1950)
• New York Regulation 173 Standards for safeguarding customer information
Security technologies
This section describes security technologies for IP SAN, Fibre Channel SAN, and encryption.