Task Force on Network Storage Architecture: Information Security James P. Hughes and Aloke Guha - Research and Advanced Development, Network Systems Group, Storage Technology Corp, Brooklyn Park, MN 55428 All popular file systems consider the file server itself to be impenetrable, the archival and backup systems inherently secure, and that the administrators are beyond reproach. This is the basis for the common wisdom that the only security necessary, is access control and protection of the data when it is in-flight between the file server and the user. It is the authors' opinion that this is not the paradigm that should be brought forward to future Network Attached Storage architectures. Instead, the data should be protected when it is produced, and then unprotected only by authorized consumers of the data. This allows the security of the information to be independent of the security of the data repository, interconnect networks, hierarchical storage systems and backup methods.