Why Use Immutable Storage?

Federal Cloud Computing Strategy Officially Launched

By G C Network | February 14, 2011

Federal CIO Vivek Kundra officially launched the Federal Cloud Computing Strategy today. While this is clearly not new news, the document does state the government’s position in a very succint manner.…

GEOINT’s Future is in the Cloud

By G C Network | January 31, 2011

Recently, Geospatial Intelligence Forum Magazine asked me for my thoughts on the role of cloud computing in the future of geospatial intelligence.My response was recently published in their December 2010…

eTechSuccess: Patterns of Success – Kevin Jackson

By G C Network | January 27, 2011

 My sincere appreciation to John Baker for the eTechSuccess: Patterns of Success interview. John and I worked together IBM as part of the Wireless Emerging Business Organization. His team and…

USBE&IT Winter Issue Focuses on Cyber Security

By G C Network | January 19, 2011

Thank You USBE&IT Publisher Mr Tyrone Taborn for such an inspiring issue and my sincere appreciation to Mr. Frank McCoy for my inclusion in his list of Cyber visionaries! The Homeland…

Global GovCloud with Cisco and VCE

By G C Network | January 18, 2011

Last week I had the awesome experience of participating in a global telepresence conference on government cloud computing. Joining me as presenters were Blake Salle, Senior Vice President of VCE,…

NIST Cloud Computing Collaboration Twiki Launches

By G C Network | December 30, 2010

Today I received my credentials for the NIST Cloud Computing Collaboration Site. “The National Institute of Standards and Technology (NIST) has been designated by Federal Chief Information Officer Vivek Kundra…

GovCloud Predicitons for 2011

By G C Network | December 30, 2010

Happy New Year All!! 2011 will be the breakout year for GovCloud! Pressure to reduce budget, pressure to manage I resources better and the political pressure of the next presidential…

Vivek Kundra Unveils 25-Point IT Management Reform Program

By G C Network | December 10, 2010

Yesterday the US Federal CIO, Vivek Kundra, unveiled an ambitious 25-point implementation plan for delivering more value to the American taxpayer. This plan focuses on execution and is designedto establish…

GSA and Unisys/Google Marks GovCloud Watershed

By G C Network | December 4, 2010

As widely reported this week, the United States General Services Administration (GSA) has awarded a contract to Unisys to create a secure cloud-based email and collaboration platform. The solution will…

NIST Moves Forward on Cloud Computing

By G C Network | November 8, 2010

Last week the National Institute of Standards and Technology (NIST) held their second Cloud Computing Forum and Workshop. Skillfully shepherded by Ms. Dawn Leaf, the agency’s senior executive of cloud computing,…

Data has become a global currency, and its value has nowhere to go but up.  According to The Economist online, the world’s most valuable resource is no longer oil, but data. The volume and velocity of data creation are astounding, and some estimates say that something like a self-driving car can generate 100 gigabytes per second. In response, industrial companies like GE and Siemens have positioned themselves as data firms.

To maintain, and even grow this value, data pedigree must be beyond reproach. Protecting this pedigree is generally refer to as immutability and describes a property of being unchanging or unable to be changed over time.  Immutability is especially essential in law enforcement where prosecutors rely on data to prove their case. This property may also be one reason why The Justice Department is changing its approach to collecting data stored in the cloud. After taking a closer look at this growing trend, guidance from the DOJ’s Computer Crime and Intellectual Property Section of the Criminal Division directs prosecutors to go directly to agencies and organizations when seeking access to their data rather than to the cloud service provider storing the information. Preparing for these increasingly inevitable inquiries, government agencies should now closely review their current cloud data storage vendor’s data immutability service level agreement.

The new guidance advises prosecutors to seek data from the agency when doing so would not compromise the investigation. This is because some providers may not have the capability to preserve and disclose information or have full access to an enterprise’s data. Under 18 U.S.C. § 2703(f), however, the Government could approach a cloud-service provider directly to preserve data without agency prior knowledge.

Agencies must also be able to identify a legal contact within the organization that is knowledgeable of cloud-based storage and able to assist law enforcement with contacting the appropriate CSP point of contact. This is crucial to any requirement associated with interposing privilege or other objections to the collection of data. Failure to have such a contact in the organization could also be a reason for the DoJ to seek data directly from the cloud-service provider without agency participation.

Threats to the immutability of data put into the cloud include:

  • Data deterioration caused by the use of inappropriate storage technology
  • Intrusion by an external agent which could lead to data breach or loss
  • A malicious employee programmer changing production code to allow intrusion
  • Physical removal or destruction of data
  • Random disk failures could result in data loss if there isn’t sufficient redundancy
  • Data could suffer from “bit rot” and deteriorate if it is not checked and refreshed on a regular basis

When reviewing a cloud service provider’s SLA, ensure that none of the provider’s employees can change application code on a production system without first undergoing thorough review and testing. The data centers themselves must also contain appropriate physical security using things like biometric access control and man-traps. The data should also be extremely durable guaranteeing at least 11 nines. The provider should also periodically read every data object every 90 days to detect and automatically correct any random errors.

Wasabi is one of the few cloud service providers capable of meeting these minimum data immutability standards. Management of its data storage service is built around two simple rules:

  • No one person should be able to destroy data that is in an immutable bucket; and
  • Nobody should be able to touch a production system anonymously.

This means when using Wasabi immutable buckets, no one can delete or alter your data–not even a systems administrator.

Posted in

G C Network