Set strong passwords for Administrator (or Root) and any other operating system accounts that have any DIVArchive administrator or service roles assigned to them, including:
DIVA, Oracle User IDs (if being used)
Any disk array administrative accounts
Do not use a local administrator operating system account. Assign roles as needed to other user accounts.
Set a strong password for Administrator and Operator for the Control GUI. You must assign a password for these profiles in the Configuration Utility before use.
Set a strong password for the Oracle database login.
Install a firewall on every system and apply the default DIVArchive port rules. Restrict access to DIVArchive API (tcp/9000) to IP's that need access using firewall rules.
Install operating system and DIVArchive updates on a periodic basis since they include security updates.
Install Anti-virus and exclude the DIVArchive processes and storage (for performance reasons).
It is best practice to segregate FC disks and FC tape drives either physically or through FC Zoning so that disks and tape devices do not share the same HBA port. For Managed disks, only DIVArchive Actors should have access to disk and the tape drives. This security practice helps prevent loss-of-data accidents resulting from accidental overwriting of tape or disk.
Set up an appropriate set of backups of the DIVArchive configuration and database. Backups are part of security and provide a way of restoring data lost either accidentally, or through some type of breach. Your backup should include some policy while being transported to an offsite location. Backups need to be protected to the same degree as DIVArchive tapes and disk.