File-based data storage inheritably has some vulnerability in favor of security hackers. Data content in a file is a stream of meaningful information bytes. Further, data files are well-organized on the data storage devices and a file is a basic unit for copy, remove, and other operations. A block of file or storage space represents the data information in that part that is meaningful. All the above properties impose 5 critical risks on the file-based data storage.
File-based data storage provides very poor data confidentiality because each file in the data storage is a stream of readable information. Therefore, the breach of any file portion results in information leakages. The data hackers can easily retrieve your data file by file from your data storage devices. The physical loss of any storage device could result in data leakage of a large number of files.
File-based data storage provides very poor protection of personal privacy. It is because many technologies are able to scan metadata of your file that may contain your personal privacy information. Therefore, file-based storage may lead to personal information leakages.
A file-based data storage system saves data as files and a file can be easily copied by a hacker. It is because you save the data file-by-file in a well-organized way. In fragment-based approach, a hacker cannot get the data using copy and other operations.
File-based data storage is not resilience to brute-force attacks. It is because the encryption is enforced on a unit of file. The key can be decoded to unlock a file by brute force attacks. Current data encryption can be broken by a super computer in hours or less and the future quantum super computer can decrypt it in a few seconds.
File-based data storage has poor protection against insiders. It is because the files at-rest can be easily copied by an insider (e.g., device managers, data managers) having access to a data storage machine. Access control and authorization become immediately invalid for these insiders.