Re: RAID 5 drive replacement schedule

["Mike Hale" <eyeronic.design () gmail com>]

Philippe is actually correct.

CIA forms the security pyramid.

Confidentiality.
Integrity.
Availability.

That's the three components of data in a secure system.  Most
companies can only afford to focus on one of those aspects, but if you
ignore the others, you don't have a secure system.

On 6/20/08, Adriel Desautels <adriel () netragard com> wrote:
> Philippe,
>        I disagree with you and I think that the definition of security that
> you provided is partial, but thats just my opinion. Availability is a vague
> term that can, but does not always have a role in security. Determining what
> the proper schedule is for a drive replacement policy is something that can
> be done by IT without the security team. Deciding how to dispose of the
> drives on the other hand is security.
>
>
> Regards,
>        Adriel T. Desautels
>        Chief Technology Officer
>        Netragard, LLC.
>        Office : 617-934-0269
>        Mobile : 617-633-3821
>        http://www.linkedin.com/pub/1/118/a45
>
>        Join the Netragard, LLC. Linked In Group:
>        http://www.linkedin.com/e/gis/48683/0B98E1705142
>
> ---------------------------------------------------------------
> Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
> Penetration Testing, Vulnerability Assessments, Website Security
>
> Netragard Whitepaper Downloads:
> -------------------------------
> Choosing the right provider : http://tinyurl.com/2ahk3j
> Three Things you must know  : http://tinyurl.com/26pjsn
>
>
> Rivest, Philippe wrote:
> > Adriel & Murda
> >
> > It is a security issue the way you store your data. In regards to the raid
> > technologies, raid 5 improves the availability of the data by making sure
> > that a single drive failed will not impact the availability of the data.
> > Remember that security is 1- Confidentiality
> > 2- Availability
> > 3- Integrity
> >
> > The main goal of a Raid 5 is to help #2. You are referring to the disposal
> of
> > the HD which is the issue of confidentiality and that is not what Murda
> was
> > aiming at. If it is, go for encryption, degaussing, destruction and just
> > plain format (if the data is not confidential).
> >
> > As I explained to him offline, the MTTF and MTBF is about the same for 2
> HD
> > bought/constructed at about the same time. How ever, those are not
> absolute
> > numbers that state that, if one drive fails the other one is about to go
> too.
> > It's more an estimated value against which you should have some
> > confidence/hope, your drive should not fail before X hours (it could go
> > before but the average is X).
> >
> > In a raid 5, Drive A, B and C are online and working (they are the same
> drive
> > bought at the same time). Drive A fails, you should NOT change drive B & C
> > unless they are failing also. If you do, the cost of your raid 5 will be
> > greater then what it should be (the replacing of the parts are going to
> cost
> > a lot). Change drive A and hope drives B & C will last longer.
> >
> >
> > The only issue is that 2 drives fail at the same time, which is very
> > improbable. And if it does, you should be going for your back ups.
> >
> >
> > I do hope this clarified the questions and that I wasn't to unclear with
> my
> > details!
> >
> > Merci / Thanks
> > Philippe Rivest, CEH
> > Vérificateur interne en sécurité de l'information
> > Courriel: Privest () transforce ca
> > Téléphone: (514) 331-4417
> > www.transforce.ca
> >
> >
> > -----Message d'origine-----
> > De : listbounce () securityfocus com [mailto:listbounce () securityfocus com] De
> la
> > part de Adriel Desautels
> > Envoyé : 20 juin 2008 11:27
> > À : Murda Mcloud
> > Cc : security-basics () securityfocus com
> > Objet : Re: RAID 5 drive replacement schedule
> >
> > Murda,
> >        The real answer to your question is that it is very, very
> improbable that all of the drives in the array will fail at the same time.
> Most drives are good for a certain period of years, after which point you
> are getting "extra time".
> >        That is not a security issue though. That is an IT related issue.
> The
> > security issue comes into play when you dispose of your drives. Do you
> shred them, just throw them in the dumpster, how do you dispose of them?
> > Regards,
> >        Adriel T. Desautels
> >        Chief Technology Officer
> >        Netragard, LLC.
> >        Office : 617-934-0269
> >        Mobile : 617-633-3821
> >        http://www.linkedin.com/pub/1/118/a45
> >
> >        Join the Netragard, LLC. Linked In Group:
> >        http://www.linkedin.com/e/gis/48683/0B98E1705142
> ---------------------------------------------------------------
> > Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
> > Penetration Testing, Vulnerability Assessments, Website Security
> >
> > Netragard Whitepaper Downloads:
> > -------------------------------
> > Choosing the right provider : http://tinyurl.com/2ahk3j
> > Three Things you must know  : http://tinyurl.com/26pjsn
> >
> >
> > Murda Mcloud wrote:
> >
> > > In my mind, this a security related question as it has to do with
> ensuring
> > > availability.
> > >
> > > Does anyone have links towards any whitepapers etc that suggest
> replacement
> > > of disks in a RAID 5 array as part of a maintenance cycle?
> > >
> > > If all the drives in an array are the same age and one fails; does this
> > mean
> >
> > > the others are more likely to fail. I'd imagine so as they have had the
> > same
> >
> > > amount of usage.


-- 
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0