Storage and security, you may think, seem an odd pairing to post on.

Kind of.

We've seen Symantec snap up Veritas and EMC acquire RSA, so there's already been some big M&A's between security and storage vendors. But do these deals make sense?

When the RSA deal was announced, I did suggest in a ZDNet Australia opinion piece that offering tokens with storage is like offering chocolate on hamburgers -- not criminal, just weird.

But these deals do have me thinking. All this vendor movement has got me looking at the overlap between storage and security, and while I'll reserve my judgement on these mergers until I've really done my homework, researching the fusion between these two fields has proven interesting.

During a phone conversation with the talented IT security geek Adam Pointon of Assurance.com.au, he made some very interesting points about "storage security".

Firstly, encrypted volumes are, in most day-to-day applications, useless.

Using a private key to lock the drives on a production server may save you some embarrassment if the box is marched out the door by some dudes dressed in EDS uniforms (ala Sydney Airport a couple of years ago), but there are some drawbacks.

What if, for example, the server falls over? How will it reboot at 3am if there's no one there to load up the key?

Pointon predicts drive keys will be stored on some form of media that will inevitably be tied to the corresponding server with a piece of string or another, similarly sophisticated device.

He says it gets really interesting when we start looking at more intelligent approaches to storage, like Microsoft's idea of storing everything in a relational database. Still, Pointon says, our current generation of CPUs isn't up to the task just yet, so we'll have to wait.

In the mean time we can expect to see some intelligent access controls hitting the hardware layer of NAS and SAN storage devices. Why let the operating system delegate access controls when they're so easy to screw with? Remove the operating system's raw access to storage and lock down access to each block on the disk. Keep the whole thing under lock and key, and encrypt your data for physical transport.

Let's hope to see some products along these likes from Verimantc and RSEMC.