Storage Information Security - Course Code: TN184

Course Title	: Storage Information Security
Course Duration	: 2 Day Online Intructor Led Workshop : Online workshop is delivered in two days, two units each day between 10:30 am to 1 pm and 3 pm to 5:30 pm
Course Fee	: Available upon request (Write to us at info@tlcpak.com)
Course Location	: TLC (Karachi), Customer Onsite and Online
	: Online workshop are delivered in two days, two units each day between 11 am to 1 pm and 3 pm to 5 pm
Course Code	: TN184
Deliverables	: Comprehensive Student Guide & Workshop Certificate

Customer Onsite workshop can also be conducted for customers in Lahore, and Islamabad

PURPOSE:
This course is designed to provide you all what is needed to underatand security related to storage technologies.

This one day face-to-face instructor led class is designed to develop storage security skills and data protection strategies associated with managing the explosive growth of business data across the enterprise in today's networked economy.

In a nut shell, two criteria can help determine the effectiveness of a storage security methodology. First, the cost of implementing the system should be a small fraction of the value of the protected data. Second, it should cost a potential hacker more, in terms of money and/or time, to compromise the system than the protected data is worth.

The training course flow will be a mix of lectures & classroom discussions so that participants can have a detailed understanding of various components of Storage security and data protection technologies best practices.

Training will be delivered by an experienced trainer with 25+ years of career experience imparting education and training services both locally and internationally and have served international enterprise technology vendors including IBM, Fujitsu, and ICL.

Our instructor holds various industry professional certifications in the space of enterprise servers and storage technologies, Information Security, Enterprise Architecture, ITIL, Cloud, Virtualization, Green IT, and a co-author of 10 IBM Redbooks and have developed 30 plus courses in the space of security and digital technologieds.

AUDIENCE:
This course is intended for resources who:

End-user customers to expand their knowledge in the field of storage securities.
IT Operation Teams, InfoSec and Cybersecurity professionals.
Want to start their career as Storage Pre Sales Specialists.
Want to develop skills as Storage Consultants and Systems Integrators.
Senior IT Managers who want to refresh their knowledge in storage technologies.
Technology vendors and their Business Partners.

PREREQUISITES:
Participants should have basic level of understandings of Information Technology.

WORKSHOP OBJECTIVE:
Following are the workshop details covered in this session. This shall help students gain the clarity needed to make more informed and smarter decisions when it comes to building storage security strategies and the ways how to protect data by following SNIA industry standard data pratection best practices.

COURSE OUTLINE

Unit 1 –Information Security Awareness

Our world – and how we interact with it – is changing.

The Evolution of Data increases storage security threats.

Exponential Data Growth – Some key facts and figures.

The Evolution of Storage technologies and future.

What is Information Security and Information Storage.

The importance of Security.

Security Vs. Safety in a view.

Threats definitions – Just a refresher.

Malware Detection.

Security – Defense in depth.

Anti-Virus, Anti-Spyware and Firewalls.

Avoid Social Engineering and Malicious Software.

Other Hacker tricks to avoid.

Understand Fraud and Pulling fraud out of the shadows.

Top Security Concerns for Cloud-Based Storage Services

Keep your Storage Security policy simple.

5 Questions you should ask to your storage Services Provider.

Top 5 Storage Security Challenges.

Generalized Security Framework.

Traditional Approach to Security.

Enterprise Security in a View.

Understand Multifactor Authentication with scenarios.

Unit 2 -Storage Security and Threats

Understand why Security is a board room discussion.

Types of Threats, Motives and Methods.

Threats and Security Challenges –Business Context.

Understand 9 layers of IT Infrastructure Foundation from Security POV.

To address security, leaders must avoid common myths.

Use five fundamental security principles to help guide you.

Understanding the role of Risk Management.

Understanding Storage Security.

Understanding Layer 2 of Fibre Channel – A weakest link.

Issues that needs attention from storage security POV.

Criteria can help determine the effectiveness of a storage security.

Best principles for storage security.

Best Practices defined.

Applying the storage best practices.

Variety of technologies to ensure data storage security.

Different types of data needs different storage security.

Hardening of the platform as a part of common practice.

Storage security strategy and guiding principles.

Why the security of storage management matters?

The Storage Threat Model – ISO/IEC 27040.

Storage Security Management.

Understanding different types of threats.

Storage Network Points of Attacks –Unauthorized Access, Spoofing and Sniffing.

Unit 3 -Storage Data Protection Best Practices

Understand why data protection is important.

Knowing the three sides of data protection.

Personal data defined.

Five phases of the data protection lifecycle.

Examing the cost of data breach - A small exercise.

Knowing the three Sides of Data Protection.

Understand Fault Tolerance and Fault Resilience.

Data Protection from ISO/IEC 27040 Point-of-View.

Guidelines for Securing Backups from ISO/IEC 27040 POV.

Data Replications technologies

Discussing Pros & Cons of data replication methodologies.

Considerations before setting up Data Replication Services.

Guidelines for Securing Data Replications Services from ISO/IEC 27040 POV.

The use of Data Encryption Services – Information Security.

Data Encryption technologies.

Discussing Pros & Cons of data encryption methodologies following SNIA Best Practices.

Self Encrypting devices – Encrypting Data at Rest.

Understand Compliance in context of Data Protection and Data Retention.

Technologies relate to Compliance.

Understand Compliance in context of Data Protection.

Discussing Data Confidentiality, Data Sanitization following Industry Standard Best Practices.

Understand Monitoring, Auditing and Reporting.

Understand the Role of storage Snapshot Technology.

Snapshots as a part of your Backup Strategy.

Snapshot technologies, Discussing Pros & Cons of snapshot methodologies following SNIA Best Practices.

Data Protection from ISO/IEC 27040 Point-of-View.

Guidelines for Securing Backups from ISO/IEC 27040 POV.

Guidelines for Securing Continuous Data Protection Services from ISO/IEC 27040 POV.

Understand Data Anonymization and De-Anonymization.

Understand Zero-day and your Security Strategy.

Suggestions for Mitigating the effects of a Zero-day attack.

Unit 4 – Demystifying SAN Zoning

SAN Security Defined.

About Fibre Channel protocol.

Three essential parts of Storage Area Network.

What are WWNNs and WWPNs – Concepts.

Understand Host Bus Adapters and WWPN.

Describe igroup, Logical Unit Number and why we create LUN?

Information you require to create a LUN.

How all SAN components fits together.

What is Zoning?

Differentiating between Hard and Soft Zoning.

Characteristics of Zoning.

Understanding LUN Masking and LUN Zoning.

Understand Switch Domain IDs.

SAN Zoning Best Practices.

The worst case scenario of one big zone.

Creating zones for individual initiator ports.

KMPIO Best Practices.

Considering Aliases for Zone Management.

Zoning is an important method to balance the workload.

Keeping Disk & Tape traffic on a separate Host Bus Adapter.

SAN Management tools offered by the vendors & its use.

Housekeeping as a part of general Best Practices guideline.

Zone element Naming Conventions.

General Best Practices guideline and Recommendations.

How exactly does zoning work? Zoning in a Nut Shell.

Understanding SAN Switch features.

Following are the customers who have attended this workshop.

EBM_LOGO MIB_LOGO

Group Photographs of students attended our Storage Information Security Workshop

Dubai Port World, English Biscuit Manufacturers (Pvt) Ltd and House
Building Finance Corporation Ltd has attended a one day workshop on "Storage Information Security" on November 22, 2018.

ForeePay Pakistan, Habib Bank Limited, Ingram Micro Pakistan and
Soneri Bank Limited has attended a one day workshop on "Storage Information Security" on January 23, 2019.

Bank AL-Habib Ltd, MCB Islamic Bank, English Biscuit Manufacturers (Pvt) Ltd, University of Lahore, Packages Ltd and CDC Pakistan has attended a two-day online workshop on "Storage Information Security" on December 16 & 17, 2021.