Applying encryption to backup tapes, especially those that go offsite, mitigates the risk of compromised information. The California law mentioned earlier requires public disclosure only if lost data is unencrypted (and contains personal information). Unfortunately, few companies today encrypt their backup tapes.
Analyst firm Enterprise Strategy Group performed a survey of storage security professionals in 2004 and found that 60 percent of storage professionals never encrypt backup tapes and only 7 percent do so routinely. In an update to that report in 2005, after a series of public losses of data, it found that 42 percent of storage and backup professionals had not changed their policies due to recent events . Similarly, in a recent audit by DISUK, only 34 percent of respondents said their corporate security policy included backup encryption, and only 23 percent said it was actually taking place.
While encryption seems like an obvious step, many storage professionals point out that the time, effort, and costs required to encrypt backup tapes – which may contain data difficult to read without the source application – is not worthwhile. Unfortunately, difficulty in reading tape data remains a poor excuse and method for protecting corporate data and perhaps your neighbors’ social security number or other personal information. Fear about the inability to recover encrypted data due to a loss of encryption keys or the loss of the decryption engine (e.g., we retired that tape drive 3 years ago) also drives a lack of action. Certainly the concerns about encryption – especially as it relates to the recovery of data – are valid, but they should be placed in the context of achieving results – not delaying action. A balance can be achieved between the availability and security of backup data. Finding the right point is better than opting for no security of backup data on tape media.
The deployment of any type of data security measures will require additional management effort and IT resources. However, if you accept the need to secure backup data sent offsite then the dialog changes from one that compares the ‘cost’ of security to the status quo, to one that evaluates and adjust current processes in order to improve the security of offsite backup data. Obviously, encryption plays an important role in the storage security puzzle, and a vital one with removable media such as backup tapes.
The decision to encrypt data on removable media sent offsite is only the first step to more effective storage security practices. Not surprisingly, choosing a tool to do the job (e.g., the fastest encryption technology available) is neither the next or last step. Instead, evaluating and preparing your backup environment for the use of encryption will be the longest and most important part of the process.
There are two approaches to encryption – using a hardware device in the network or within a tape library – or using software installed on a client or server. The encryption of backup data can occur at different places along the process – on the client before a backup begins, on a device in the network as data travels to its media target, on a server that processes the backup and moves it to tape, or as the data is written to tape.