Encryption key management worries loom
Encrypted storage will require storage admins to think through key management
Computerworld - As long as IT managers encrypt data using only one vendor's products, the keys used to decrypt that data can be relatively easy to manage. But it will likely become much more complicated as more vendors build encryption into more and different types of storage devices, each with its own key management system, and as users need to move encrypted data among devices for disaster recovery, legal discovery or simply everyday business communications.
"If you share the key, you share the data; if you lost the key, you've lost the data," says Dennis Hoffman, general manager of the data security unit of RSA Security Inc., now owned by EMC Corp. The fear of losing decryption keys (and thus their data) has kept many organizations from encrypting stored data. But faced with regulations requiring that customer data be kept safe, and the prospect of hefty fines and bad publicity when backup tapes are lost, more and more companies are encrypting stored data. Another factor, security experts say, is that if the data on a lost or stolen tape or disk drive has been encrypted, the company that owns the data often isn't required to report the loss.
While in the past encryption usually required a standalone appliance, vendors including IBM, Sun Microsystems and Spectra Logic offer tape libraries with built-in encryption capabilities. In October, Seagate Technology announced it will include Full Disk Encryption (FDE) technology in all its enterprise-class drives, and vendors such as Oracle Corp. offer encryption in their databases.
That blizzard of encryption, and of keys, calls for a single, unified approach that puts "all the keys to the kingdom all in one place and managed, ideally, by one group in the organization," says Richard Moulds, vice president of nCipher Corp. Ltd., a security hardware and software vendor. Whether or not the storage group is in charge of key management, experts say, they need to understand how key management works and where storage keys fit into the big picture.
Encryption converts plain text into unreadable form, and keys are numbers that an algorithm uses to either encrypt or decrypt data.
In symmetric encryption, the same key is used for both encryption and decryption. Asymmetric encryption, also called public key encryption, employs two keys, one public and one private, and is often used to encrypt communication over insecure channels such as the Internet. In public key encryption, the sender uses the recipient's public key (to which the sender has access) to encrypt the data, and the recipient uses the matching private key (to which only the recipient has access) to decrypt it.