Anyone who has worked with data-intensive computing and storage environments over the past five or so years has seen the quantity of sensitive data that organizations and enterprises carry on their servers and storage devices spiral upwards. Exponential growth in storage capacity, coupled with emerging regulatory requirements, has led to greater emphasis on storage network vulnerabilities.

It has become the goal of many enterprises to achieve efficiencies and cost reductions by making back-end data available to its staff anytime, anyplace, and on any device. Yet the Internet, precisely because it is ubiquitous and flexible, is replete with security concerns.

It is high time, many IT professionals have said, that storage and security issues were dealt with simultaneously. The quality of thinking and writing on this topic that you will see in Information Storage & Security Journal is evident in this preview issue.

As Diana Kelley from Computer Associates says: "Storing data without taking into consideration the security requirements and potential threats is not sufficient in today's enterprise. Legal requirements, audit needs, and shareholder interest all demand that corporations not only protect live data, but log, archive, and store critical, historical data in a safe and retrievable manner. Storage and security are intimately linked." Oracle's Chief Security Officer, Mary Ann Davidson, reinforces the synergy: "A recent report from PricewaterhouseCoopers," she writes, "confirmed that most security breaches occur in stored data."

Yet the prospects aren't all negative. IT professionals - and IT these days might just as well mean Infrastructure Technology - will be encouraged, we hope, by the article from Mark Griffiths, VeriSign's VP of Authentication Services, on how identity theft could soon become a relic of a bygone era. This would be a significant breakthrough, given that the 2002 Federal Trade Commission's annual study on consumer complaints cited ID theft as the most frequent reason individuals contacted consumer protection authorities.

John Worrall peeks over the horizon from his vantage point at RSA Security and tells us that not only present technologies like two-factor authentication and smart cards, but also emerging ones like mass-market biometrics, need to become standard. SGI's Laura Shepard answers the questions that we believe many ISSJ readers should and will be asking: What is information lifecycle management and where is it in the evolution of migration solutions? She also does a great job in explaining how it differs from data lifecycle management (DLM).

Andrew Bulkley, of GE Security, reminds us of the role that standards play - particularly in how they are essential in helping to make access control agree with a company's disparate systems.

"Proactive security" is the main focus of Eric Vishria's article on a new breed of technology - IT automation software. Working "from the inside out," comprehensive automation systems "can take into consideration the people, processes, and technology that can turn even the most complex environments into truly impenetrable targets." In other words, automation software complements perimeter defense systems by reducing the chance for human error and keeping systems up-to-date automatically.

Whatever your position in the industry, hold on to your hat: storage and security are becoming more and more enmeshed, and ISSJ will be there to help deliver storage subject matter in context with popular security applications, and vice versa. Our aim is to guide, motivate, and inspire senior IT and business management leaders in the planning, development, deployment, and management of successful enterprise-wide security and storage solutions.

As the next generation of enterprise networks arrives, and as the protection and management of data in heterogeneous environments becomes increasingly important, from the Fortune 500 to small and medium-sized businesses, SYS-CON Media is pleased to bring its decade of print and online content excellence to this expanding field.