Who should be responsible for storage security?
There can be several individuals responsible for storage security
. Ultimately, there is going to be an executive responsible for information security in general, and storage security is certainly a part of
that. This will likely be the chief information security officer (CISO), chief security officer (CSO), chief technical officer (CTO) or maybe even the chief information officer (CIO). But, like most things in business today, the responsibility eventually trickles up to the CEO, even the board of directors level, depending on the corporate structure.
In reality, day-to-day storage security is going to be handled by the network administrator or a storage administrator, if the organization has an individual dedicated to that role. It could possibly defer to an information security manager or even an IT director or IT manager. In many organizations, the security officer and the compliance officer, which may be the same person, will likely be involved in daily storage security tasks, as well.
There can be many individuals involved in the daily responsibilities of storage security, but the executives bear the ultimate burden of storage security. And, the executives must ensure that the business is performing safe business practices, following the laws and protecting the interests of partners and customers.
Listen to the Storage Security FAQ audiocast here.
Go to the beginning of the Storage Security FAQ Guide.
This was first published in March 2007