Protecting data at rest

Data at rest can be protected against unauthorized access attempts by enforcing file system access permissions and SELinux MCS policies. For more information, see Authorization.

In addition, the security for data at rest can be improved by configuring the IBM Spectrum Scale storage cluster with encryption, end-to-end checksums for GNR based storage (ESS), file system audit logging, and Security Integration, and Event Management (SIEM) integration to log and detect suspicious activity on the file system.

File audit logging
Encryption
IBM Spectrum Scale Erasure Code Edition