Today's stored data (e.g., cloud data storage, data storage farms and networks), in general, is unsecure and accessible to unwanted intruders. Current IT network security solutions consist of layering security products to protect a given network. These products typically consist of firewalls, intrusion detection and prevention systems, security analytics, malware software, access controls, etc., and yet daily intrusions remain as an on-going problem.
One problem is that firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), security analytics, and malware products can only detect “known” attacks. Firewalls, IDS/IPS, and malware products are deterministic search and analytics engines designed find pattern matching, signatures of known attacks, and viruses. Firewalls, IDS/IPS, and malware products are designed to prevent “known” attacks and general access, denial or disruption attacks, for data in transit, but are not designed for securing data at rest (i.e., data stored in large storage area networks (SAN)). They cannot detect or stop new attacks, malware or virus or variants. Etc. Therefore new attacks can be embedded undetected into the network and the data-at-rest storage area. In the world of insider and external attackers, emerging government regulations to protect user information, and growth of cloud computing and storage, there is a need to protect stored data in large-scaled storage systems.
In addition, countries around the world suffer losses with billions of dollars a year being stolen, or copied, because it is difficult to protect stored data. For example, many companies have lost billions of dollars worth of intellectual property, and customer's personal and financial information, in the last year, and spent hundreds of millions of dollars repairing damage from data breaches.