One More Reason to Hate Direct Attached Disks


I've written before about the benefits of enterprise storage solutions. In short they promote better file management, backup, and security. Today the Salt Lake Tribune is reporting a story that is a perfect example of why this is true:

Thieves who broke into a government contractor's office snatched computer hard drives containing Social Security numbers, addresses and other records of about 500,000 service members and their families. The company, Phoenix-based TriWest Healthcare Alliance, provides managed health care to the military in 16 states, including Utah. It serves about 1.1 million active-duty personnel, their dependents and retirees. TriWest spokesman Jim Kassebaum said computer equipment stolen from a TriWest office in Phoenix on Dec. 14 contained names, addresses, phone numbers, medical claim histories, and Social Security numbers for beneficiaries in its central region, which covers the central United States. In a separate news release, the company also said a "few credit-card numbers were contained in the potentially compromised files."

I think any enterprise that allows sensative data to be stored on direct attached disks in unmanaged environments is negligent. Sure, someone could break into a data center as well, but chances are that the data center is monitored 24 hours a day. There's also likely to be better information security policies and those policies are more likely to be followed. If someone's going to store sensative data, they ought to use the best techniques available, not the same ones my Aunt uses to store her recipes.