Storage Security Audit Checklist
The vast majority of critical data is stored in storage systems. In fact, one storage system is equivalent to about a thousand servers. Attackers can circumvent many existing protection layers, to do great harm: steal data, tamper with sensitive records, and destroy your data and its backups.
External auditors are now paying attention to storage security, and failure to show effective risk controls and security measures may lead to severe penalties.
This checklist provides audit teams with 8 questions they should ask their security and infrastructure teams, to determine whether storage is sufficiently secured and whether data is fully protected.