Best Practices for Securing Your Backup Data
Encryption is readily available for new applications in e-commerce, telecommunications and finance. With security breaches commonplace, the need for encryption has become so necessary that various agencies have seen a need to step in and impose regulations. Why is it even necessary to encrypt backup data? The reason is security. Data stored in clear-text is open to attack by everyone.
IT organizations are beginning to realize that the reach and effect of these security laws impact their procedures and processes. There is currently no specific set of guidelines for compliance within the IT industry. One area of compliance that remains high-risk is that of data storage encryption. For the most part, data transported to off-site storage is not secured and tracked, leaving tapes defenseless against theft, alteration or unauthorized viewing. Encryption appliances for backup tapes are the only way to ensure data at rest is safe.
The California Security Breach Information Act is a cutting-edge law which enforces a rule stating California residents must be notified any time their “personal information” is compromised. Of course, this law imposes strict requirements for public disclosure, the main reason for the increase in reported security breaches across the country. The difference today is that those responsible will have to pay for their mistakes. If an IT Manager fails to properly encrypt company data, the sentences range from suspension to 10 years in prison, with fines from $100 to $1,000,000.
Therefore, concern is steadily growing over an individual company’s current and potential liability. To define what your most critical data is and how best to encrypt that data while at rest requires an in-depth review of current encryption policies, including assessing methods, key lengths and key management. Only after this thorough process will your company be in the position to address these high-risk areas with proper encryption.
Security measures are widely implemented to protect data; however, these are not nearly effective enough to provide the security that guarantees the safety of stored confidential records. The answer was to transport backup tapes off-site for protection. However, as corporations grew increasingly computer and Internet savvy, the risk of employee theft, data lost or stolen during transport, environmental damage and theft of discarded tapes grew. Each of these threats brought increased security measures.
However, the biggest threat to confidential information today comes not from the outside, but from the inside. Internet hacking has quickly become the most efficient method of stealing data. Under the new compliance regulations, database administrators (DBAs) find themselves charged with a high level of duties for which they often feel they do not have the most effective arsenal of tools.
Logic would tell us that the risk personally and to company information and customer privacy is high enough to immediately begin a solid plan of data encryption. Concerned CEOs searching for ways to minimize risk are taking a longer and harder look at cost-effective ways to make data security a priority.
Government regulations, including more stringent control and audit requirements, are designed to protect consumer data and confidential information, making it clear in no uncertain terms the penalties and fines one could face for failing to meet these requirements. Records storage leader Iron Mountain, which fell victim to the loss of tapes containing sensitive customer information, is recommending that companies encrypt backup tapes containing personal information saying, “We believe encryption is the best way for businesses to meet the increasing need for privacy protection.”
Still, while most organizations back up data and maintain offsite copies, backup tapes remain largely unencrypted. This leaves the risk at high levels and exposes the company, IT managers and supervisors to stiff fines and penalties for failure to comply with government regulations that control exposure of confidential consumer information, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Fair and Accurate Credit Transaction Act of 2003 (FACTA), and the Financial Services Act of 1999 (Gramm-Leach-Bliley or GLBA).
Unfortunately, as with all new regulations, there is much work to be done in plugging the holes, but one thing is clear: it doesn’t matter whether the breach is accidental or intentional. If it happens to you, you’re responsible.
New encryption methods and hardware are helping to take away some of the difficulties commonly associated with the process of encryption. What can be done to ensure the security of this data and protect those involved with it? What, if anything, is holding your organization back from taking the necessary steps to choose the only appropriate solution, data encryption? Which encryption solution best meets your needs and will instill the highest level of confidence? No longer is it a matter of whether you’re going to encrypt, but when and, even more importantly, how.
One excellent solution is the Q3, offered by BOSaNOVA, Inc., a hardware appliance for tape backup encryption that fits in seamlessly with your current environment, takes little time to set up and has little to no effect on current backup procedures. The Q3 is the latest encryption solution to address your highest levels of risk to your entire IT staff from managers to programmers. Providing systems implementation across your entire infrastructure, the Q3 offers the most efficient, cutting-edge process your team can implement quickly and easily, with the assistance of BOSaNOVA’s technical support.
The Q3 meets your biggest challenge by not interrupting your workflow or your network’s performance. Access to data through this secure hardware appliance now means there’s only one way in, making it nearly impossible for your data at rest to be vulnerable to attack from an unknown source. For a full version of this article go to http://www.theq3.com/securingbackup.php
About the Author
Martin Pladgeman is President of BOSaNOVA, a leading provider of security solutions, thin clients and network appliances. Their newest solution, the Q3, is a storage encryption appliance that provides complete security for data at rest. For more information, visit www.theq3.com or email info@theq3.com. Detailed information on BOSaNOVA Thin Clients and iSeries Connectivity Solutions can be found online at www.bosanova.net.