Locked down storage device
July 6, 2015 3:05 PM

Is there a corporate grade storage device (NAS/SAN) that comes with functionality to prevent all data from being deleted and the only way to access the data is to export it and wrap it with a mandatory password security? More details inside

In my mind it would look something like this (feel free to correct me!)

Files written to the storage cannot be modified/deleted
Written files' contents cannot be opened/executed unless they are exported as below

Web portal with user logins
Web portal to view
Web portal to modify/delete – but keeps audit trail
Web portal to download files (e.g. another drive, USB, CD, etc)
Downloaded files must be encrypted with a unique password (every file must have a different password)

The context is that there is a security surveillance environment (CCTV) where important videos need to be transferred to a new storage (per above) to prevent evidence tampering.

The main CCTV system has an "evidence lock" feature already (in the form of software such as Milestone, etc), however I'm looking for a separate self-contained storage unit that can achieve this type of evidence lock with audit trail functions on its own.

Bonus:
Would a poor man's solution be achieved with a basic NAS and configuring Windows privileges and installing some type of OS-level security software? (Thinking out loud... I'm not an MS expert.)
posted by gttommy to Computers & Internet (4 answers total)
 
I think the search term you're looking for is write-only storage.
posted by Leon at 3:52 PM on July 6, 2015


Best answer: *Note: I do not work for Isilon, but am a customer. I work in video, so this is an interesting idea, but is going to be very difficult to implement with off the shelf software.

You might look at something like Isilon. They have a feature called "SmartLock" which can run in one of two modes. The "normal" mode is called Enterprise, and allows you to lock shared directories, but does allow the administrator to use privileges to delete files. The "Compliance" mode is much more strict, removes the ability of an administrator to delete or modify files, locks out root access, and is designed for WORM capabilities (Write Once/Read Many), which is close to what you are describing, but not the whole package. There are some pretty decent audit features as well (though each feature has its own licensing and yearly support costs). This is a relatively new feature in the latest builds of the Isilon OneFS, which allows you to audit the protocols and actions of any user on the system (provided each user has their own account, either controlled by a directory server (like Active Directory or LDAP), or a local user account on the Isilon itself (not recommended, pain in the butt to implement easily)).

For the check-out system you are looking for, you will either have to do some custom code, or more likely, find a vendor who offers that kind of software.
I have a deployment of Ricoh Docuware, which is primarily geared towards text/images, but I am pretty sure you could find something similar to handle video files. The main issue is going to be the downloading/encryption/password-gen requirement, which would likely have to be a very custom built system. Most video MAM (media asset management) systems do have a check-in/check-out system, but almost none of them have the encryption/password-gen module, as they are more designed for news/editing rooms, with multiple people accessing the same content freely.

Also, your biggest problem is going to be using a web browser to display/view the videos. If you need to make sure that the end user does not capture the video stream and record it (there are many, many, many ways in which to do this; think YouTube downloaders), you are going to have to either lock down the systems that can access the video (i.e. isolated network, workstations, NAS) or you are going to have to use some kind of proprietary software for viewing the files (and then you run into all kinds of overhead like transcoding/etc). The better option might be a custom app, which on the back end can access the data using HTTP or HTTPS connections, but requires the app to decode/display the video. You would also be able to have the app do the download/encrypt/password-gen as an encompassed process, which would mean that someone accessing the system could easily be tracked/audited based on their client connection. If done correctly, you can control access to the system much easier if the only way to access it is through a specified method, instead of a generalized tool like a web browser (which can spoof its identity to the server).

Also, I see you are in Australia, by your profile, so some of these things may or may not be available due to export restrictions on certain kinds of software (not up to date on current software export restrictions, but you never know).
posted by daq at 4:16 PM on July 6, 2015
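
Added example, not part of any post in this thread: one way a custom check-out app could keep the audit trail the question asks for, made tamper-evident by hash-chaining entries and recording each clip's SHA-256. The class, field names, users and sample bytes are assumptions constructed for illustration; password generation and encryption of the export are outside what this block covers.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev_hash value for the first entry

def _entry_hash(body):
    # SHA-256 over a canonical JSON encoding of the entry body
    blob = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

class AuditTrail:
    """Append-only log in which each entry commits to the one before it."""

    def __init__(self):
        self.entries = []

    def record(self, when, user, action, name, data):
        body = {
            "seq": len(self.entries), "when": when, "user": user,
            "action": action, "file": name,
            "file_sha256": hashlib.sha256(data).hexdigest(),
            "prev_hash": self.entries[-1]["hash"] if self.entries else GENESIS,
        }
        self.entries.append(dict(body, hash=_entry_hash(body)))

    def first_bad_entry(self):
        """Index of the first altered or reordered entry, or -1 if intact."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "hash"}
            if (entry["seq"] != i or entry["prev_hash"] != prev
                    or _entry_hash(body) != entry["hash"]):
                return i
            prev = entry["hash"]
        return -1

    def file_matches(self, seq, data):
        """Compare a clip with the digest recorded at check-out time."""
        return hashlib.sha256(data).hexdigest() == self.entries[seq]["file_sha256"]

# Constructed sample bytes standing in for a video clip (not real footage).
CLIP = b"constructed sample bytes standing in for a video clip"

def demo():
    trail = AuditTrail()
    trail.record("2015-07-06T15:05:00Z", "operator1", "view", "clip-a.mp4", CLIP)
    trail.record("2015-07-06T15:09:00Z", "operator1", "download", "clip-a.mp4", CLIP)
    intact = trail.first_bad_entry()
    trail.entries[0]["user"] = "operator2"  # simulate an edit to the stored log
    return intact, trail.first_bad_entry(), trail.file_matches(1, CLIP + b"x")
```

A chain like this only exposes edits if the newest entry hash is kept where the log's administrator cannot rewrite it, for example on the WORM volume itself.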


We use NetApp SnapVault at work, in compliance mode -- it's not possible for anyone (even NetApp, they claim) to delete data without physically destroying all the drives in the vault -- they run custom drive firmware, for example, so you can't just pull a drive, pop it in another enclosure and delete data that way. You have to be extremely careful setting up a new SnapVault because it defaults to 30 years compliance ...

This may be more $$ than you're willing to pay, though, as NetApp are Absolutely Not Cheap.

In general, look into WORM technologies but be prepared to pay out the wazoo (especially as, like me, you're in Australia) if you actually want Meaningful, Definite Iron-clad assurances that the data cannot be deleted without physically destroying the drives.
posted by nonspecialist at 10:57 PM on July 10, 2015


Response by poster: Thanks for the answers.

As daq has pointed out, the main challenge isn't enabling WORM but more the check-out system and password encryption.
posted by gttommy at 7:38 PM on July 11, 2015

