Forum Discussion
wchp
Mar 22, 2010 (Luminary)
Disk/Volume Encryption
With the recent introduction of MA CMR-17 law, most businesses are now required/encouraged to encrypt all customer data. What, if any, timeline is there for the ReadyNAS products to support AES encrypt...
wchp
Oct 20, 2010 (Luminary)
"Encryption is a nice feature, but it's not the most important. NetGear can't bring everything they want to in at once and they have to prioritize."
Encryption is no longer a feature for our customers. It is a de facto legal requirement.
Massachusetts' data protection regulation, 201 CMR 17.00, is one of the strictest in the nation.
Unreported theft of Data = $50K fine
Reported but un-encrypted data theft = $50K fine
Each personal record = $5K per record.
Applies to ALL businesses in MA and any state that stores data of a MA resident.
So, our target vertical client base(s) of legal, financial and medical must ensure the security of the information they store. Add to this HIPAA and HITECH requirements for PHI and this makes encryption anything but a "feature". This is a REQUIREMENT!
We are actively replacing ReadyNAS units in our customer locations with competitors' products for this very reason.
If ReadyNAS wants to sell a business class product, they need to provide business class functionality. The lack of disk encryption makes the brand a non-starter. We can live with the clunky interface while the rest have switched to AJAX.
RSYNC over SSH was a requirement as well and it bought a little more breathing room. The reality is we could replicate data via RSYNC over AES-encrypted tunnels and meet the requirements of the law. We could use iSCSI initiators and point to the ReadyNAS as a storage container but that defeats the appeal of a NAS.
Bottom line... No Encryption, No ReadyNAS for any business that stores MA resident data or PHI (personal health information)!