Critical. Authoritative. Strategic.


CBR is proudly produced & published
by Technews
Issue Date: March 2002 (es)

Why encrypt to tape?

1 March 2002

Within the last decade, there has been a huge increase in the accumulation and communication of digital computer data in both the private and public sectors. Much of this information is of significant value, either directly or indirectly, and it requires protection.
The subsequent emergence of large centralised storage repositories such as enterprise disk subsystems and tape silos further increases the threat to personal and corporate privacy. Since data banks are commonly accessed from remote computer terminals, there is the possibility of easy and unauthorised access to sensitive information from any place in the data communications system.
This is usually regarded as the highest access environment, and a large amount of effort has therefore been put into place to protect such on-line data. Despite the increasing awareness to the IT industry of the importance of back-up however, and the cost benefits of archiving data to tape, the potential weakness of security of tape-resident data is generally being ignored.
Encryption can be used but, unless it is properly understood and applied, may only provide an illusion of security.
Where is the threat?
It can be generally accepted that at least some proportion of the data held by a company is sensitive, be it to private individuals, members of staff, business rivals, foreign governments etc, or because of the security legislation in the country or community where the business operates.
The proportion of sensitive data is dependent upon the nature of the business in which the company operates. The usual environments where there will be the highest proportion of sensitive data are government, research and financial institutions. Here the data is the company's most guarded asset, such as new product development in a pharmaceutical company, medical records or highly private financial transactions.
Most major companies have a backup strategy, so that in the event of a system failure, the data will be available for restore when the failure has been resolved. Virtually all large companies perform this operation to tape.
Tape technology has now advanced to the point where 100 GB of data can be stored on a cartridge small enough to fit into a pocket. Many companies operate stringent security procedures in their data centres - visitors must be accompanied by pass-holding staff, keycode door locks and the like - all of which are subject to abuse resulting in a security mirage. Even if these security measures are implemented, they are totally reliant upon the loyalty of staff.
The most serious threat to sensitive data, however, has arisen through disaster recovery policies. Many companies are moving their back-up and archive tapes to their disaster recovery sites, or to a remote storage facility. It is during transit from one site to another that the tapes are at the highest level of risk, be it from organised theft, accident or misplacement. Data tapes which have been encrypted however will have a higher level of security should they fall into the public domain or into the hands of competitors.
The encryption methodology used must however be secure in itself. Encryption is a waste of time and money, however, if the decryption resources can be easily obtained. Dexchange, for example, employs a combination of hardware and security codes that makes it virtually impossible for any person to decrypt data away from the client's premises.
The hardware is easily installed at the customer's premises, and is totally transparent to the host and operating system. Once installed, encryption is done automatically during backups, with little or no effect on backup times. Likewise, decryption takes place automatically during the restore process, but only at the premises where the customer's hardware is located.
Source: Mike Smith, Dexchange

Others who read this also read these articles

  • Everything in its place

    A 2006 EMC-sponsored AIIM survey, which investigated the role of ECM in storage decisions, found that larger organisations are aggressively pursuing consolidation and rationalisation of their storage and content archiving strategies

    [ March 2008 ]

  • The art of compliant backup

    New regulations on both sides of the Atlantic, such as the Freedom of Information Act (2000) in the UK or new electronic data retention rules in the US (Federal Rules of Civil Procedure 26, 2006), mean electronic data now needs to be retained for compliance reasons

    [ January 2008 ]

  • MarketWatch: Dell steps up storage with EqualLogic

    The purchase will take Dell into the realm of technology development for the very first time

    [ November 2007 ]

  • Virtualisation grows up

    While the technology is designed to simplify server administration by breaking hardware dependency and creating a pool of processing resources on which software can run, this has a knock-on effect on systems management and monitoring, as well as storage management and back-up

    [ November 2007 ]

  • Throwing a lifeline?

    Although IT budgets overall remain flat, the portion for storage has grown from 13% in 2002, to a 22% average in 2006

    [ November 2007 ]

  • MWeb Business uses Attix5 for backup and restore

    Designed for bandwidth-rare South African conditions, it uses very little capacity by only updating those files which have changed since the previous backup

    [ August 2007 ]

  • Alexander Forbes boosts DR capabilities with DCC and DiData

    Server virtualisation enables Alexander Forbes to manage approximately 200 to 300 servers on just 16 blades

    [ August 2007 ]

  • One-stop storage solutions

    Quantum has the most comprehensive portfolio of disk-based backup and de-duplication/replication solutions, is the no. 1 provider of tape automation, as well as a long-standing leader in tape drives and media

    [ July 2007 ]

Others who read this also read these regulars

Search Site

Search Directory

  • Search for:


Previous Issues