
Look Before You Leap
When you consider encrypting backup tapes, you need to consider the risks of encrypting stored data. They're very different from the risks associated with encrypting data in flight. If something goes wrong with encryption of data in flight, you know it right away and fix it. For example, if an application is sending data across an encrypted channel and the encryption breaks, the connection fails and the application reports an error or crashes on the spot. A root-cause analysis will quickly determine that the encryption failure was the culprit.

However, if you have a problem with encrypted data at rest, you may not know it for weeks, months or years--and probably not until it's too late. Unlike encryption of data in flight, where every byte is decrypted by the receiver as it arrives, the decrypt step for a tape only happens when you verify or restore from it. Therefore, unless you're verifying every tape after you've written it, the only time you're going to test your encryption system is when you perform a restore--the worst possible time to find out that it doesn't work.

The biggest risk with encrypting backup tapes is that you can make them so secure that even you can't read them. If you lose your keys, or if your processes break down, you end up with unreadable backup tapes. Unfortunately, you might not discover this has happened until the moment of truth: when you absolutely need to read that tape.

This is why key management is so important. Keys will be needed any time you attempt to read encrypted data, such as when performing a restore. Losing access to a key makes every tape written under it unreadable, and giving the wrong person access to a key defeats the purpose of encrypting the tapes in the first place.

Consequently, keeping track of the keys used to encrypt data is paramount. A database is critical for tracking what key was used on what day to encrypt what data. Any time you change the key, the database must be updated accordingly, and the old key must be retained for as long as any tape written under it is still in the retention cycle. You must also control and monitor access to the key database to prevent unauthorized access.
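The following is an added example, not code from the original article or from any backup product, showing the two practices the preceding paragraphs call for: a key database that records which key wrote which tape on which date and that is only ever added to on rotation, and a verify-after-write step that performs a full decrypt while the key and the tape are both at hand. The cipher is a constructed stand-in (HMAC-SHA256 as a counter-mode keystream with an encrypt-then-MAC tag) so that the example runs with nothing but the Python standard library; a real product would use AES. The tape labels, key-ID format and sample payloads are all invented for the demonstration.

```python
import hashlib
import hmac
import os
import struct

# Demonstration cipher: HMAC-SHA256 as a PRF in counter mode plus an
# encrypt-then-MAC tag. It stands in for the AES mode a real product uses;
# the point of the example is the key bookkeeping around it, not the cipher.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class KeyStore:
    """Keys by ID plus the date each became current. Rotation adds a key and
    never removes one: tapes written under an old key still need it."""
    def __init__(self):
        self.keys = {}
        self.current = None

    def rotate(self, on: str) -> str:
        key_id = f"k{len(self.keys) + 1:04d}-{on}"   # hypothetical ID format
        self.keys[key_id] = os.urandom(32)
        self.current = key_id
        return key_id

class TapeCatalog:
    """The database the article calls for: which key encrypted which tape, and when."""
    def __init__(self):
        self.entries = {}

    def record(self, label: str, key_id: str, written: str) -> None:
        self.entries[label] = {"key_id": key_id, "written": written}

HEADER = struct.Struct(">32s16s")   # key ID (null-padded to 32 bytes), 16-byte nonce

def write_tape(label, plaintext, keystore, catalog, today):
    """Encrypt under the current key and log the key ID against the tape label."""
    key_id = keystore.current
    key = keystore.keys[key_id]
    nonce = os.urandom(16)
    header = HEADER.pack(key_id.encode(), nonce)
    body = _xor(plaintext, _keystream(key, nonce, len(plaintext)))
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    catalog.record(label, key_id, today)
    return header + body + tag

def read_tape(blob, keystore):
    """Look the key up by the ID stored on the tape; fail loudly if it is gone."""
    header, body, tag = blob[:HEADER.size], blob[HEADER.size:-32], blob[-32:]
    raw_id, nonce = HEADER.unpack(header)
    key_id = raw_id.rstrip(b"\0").decode()
    key = keystore.keys.get(key_id)
    if key is None:
        raise LookupError(f"tape needs key {key_id}, which the key store no longer holds")
    expected = hmac.new(key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: wrong key or corrupted tape")
    return _xor(body, _keystream(key, nonce, len(body)))

def verify_tape(blob, keystore, expected_digest) -> bool:
    """The post-write check most sites skip: a full decrypt now, not at restore time."""
    try:
        return hashlib.sha256(read_tape(blob, keystore)).digest() == expected_digest
    except (LookupError, ValueError):
        return False

def demo():
    ks, cat = KeyStore(), TapeCatalog()
    ks.rotate("2007-02-01")
    payload = b"constructed sample backup payload: payroll, February 2007"
    digest = hashlib.sha256(payload).digest()
    tape1 = write_tape("TAPE0001", payload, ks, cat, "2007-02-01")
    ks.rotate("2007-03-01")                       # monthly rotation; February key stays
    write_tape("TAPE0002", b"constructed March full backup", ks, cat, "2007-03-01")
    ok_before = verify_tape(tape1, ks, digest)    # passes: key present, tape intact
    # The failure mode the article warns about: a cleanup deletes a key still in use.
    del ks.keys[cat.entries["TAPE0001"]["key_id"]]
    ok_after = verify_tape(tape1, ks, digest)     # fails: caught now, not at restore time
    rotated = cat.entries["TAPE0001"]["key_id"] != cat.entries["TAPE0002"]["key_id"]
    return ok_before, ok_after, rotated

if __name__ == "__main__":
    print(demo())
```

The catalog is what makes the second `verify_tape` call diagnosable: it tells you exactly which key ID TAPE0001 depends on, so the gap between "tape unreadable" and "key k0001 was deleted on day X" is a lookup rather than a forensic exercise. Running the verify step on every tape as it is written turns a restore-time surprise into a same-day alert.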

Although mature key management systems already exist for encryption of data in flight, they were built around a single current key per session or per endpoint. They don't support many keys tied to a single system or tape drive over different periods of time, which is exactly what backup tapes require. As a result, key management systems designed for encrypting data at rest are often much less mature.

Another risk with encrypting backup tapes is failure to strike a balance between security and usability. This is a constant battle in security circles. If you make a system too secure, it becomes unusable or difficult to manage. If it's easy to manage, it's usually not very secure. The goal here is to find a balance--making the system more secure without significantly increasing management costs, or changing the user experience.

There are three basic ways to encrypt backup data:

  • Source encryption
  • Backup software encryption
  • In-line hardware encryption
All three will encrypt data before it can be lost. However, each option has a different impact on usability and cost, which must be taken into account. For example, many would consider a method that slows all backups by 40 percent, or that halves the effective capacity of a tape library (encrypted data does not compress, so the drive's hardware compression no longer buys anything), to have too great an impact on usability to be a viable option.

This was first published in February 2007
