Data Storage, Data Backup and Storage Virtualization - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Data Storage, Data Backup and Storage Virtualization


Data Thefts Reveal Storage Flaws



 By: Brian Fonseca
2005-03-07
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Data Storage, Data Backup and Storage Virtualization story.


Rate This Article:
Poor Best
Recent high-profile thefts of sensitive data have enterprise IT executives looking hard at the relationships among storage, backup and security.

Recent high-profile thefts of sensitive data have enterprise IT executives looking hard at the relationships among storage, backup and security, even as vendors prepare new ways to lock down stored information.

Proposed solutions run the gamut from EVault Inc.s improved online backup to Decru Inc.s sophisticated encryption methods; all aim to mitigate risk at a time of heightened concern for data security.

The stakes in handling sensitive data, especially on storage tapes, came into stark relief last week when Bank of America Corp., based in Charlotte, N.C., said it lost unencrypted tapes that included personal information on 1.2 million federal employees.

Such catastrophic security and privacy breaches are leading customers to re-evaluate how often they access their stored tape data, who is granted access, what type of security is in place and whether online disk-to-disk backup is more favorable than traditional tape backup operations.

Resource Library:

Kenan Luptak, IS manager at First National Bank, in Sidney, Neb., two months ago abandoned physical tape backup for EVault InfoStage, a self-managed online disk-array protection system. Luptak said his organization could not afford to take for granted tapes nonverification and lack of integrity checks.

"You dont have quality control of the individual taking tapes off-site," said Luptak. "Did they leave them in a car? Did they freeze or have heat exposure? The integrity of tapes is always a question, and this way we dont have to worry about how the tapes are handled."

Next month, EVault will unveil a new iSeries agent that will enable administrators to perform hot backups online without disrupting service and an iSeries database trigger method to more quickly capture changes during backups, said officials of EVault, based in Emeryville, Calif.

Security experts say that regardless of the format enterprises choose for backup, securing data should be a top priority. Right now few organizations take the time to encrypt stored data, but incidents such as Bank of Americas may change that.

With identity theft at the top of legislators agendas and on the minds of many consumers these days, banks, health care organizations and other groups that hold customer data are likely to find themselves under increased pressure to prove that they are doing everything they can to secure information. Encrypting data at rest on networks as well as backup media would be a step toward restoring customer confidence, experts say.

Daniel Chow, IT systems and security engineer for Boeing Employees Credit Union, of Tukila, Wash., said he deployed the Decru DataFort T-Series appliance to ensure the privacy of the credit unions customer data written to and stored on encrypted backup tapes.

"If theres ever a possibility that the vendor accidentally may lose our data or the carrier may lose it, because we do ship it to other locations, were always confident theres no way anyone can access that data," said Chow. "It was something that was apparent to us, and Decru provides a nice option to do that."

BECU maintains more than 60TB of stored data, distributed among several SAN (storage area network) islands with more than 300 ports.

Officials for Decru, which is based in Redwood City, Calif., said the company is working closely with large storage hardware vendors to enable its CryptoShred technology to automatically and remotely delete encryption keys used to encode stored data anywhere the information resides as part of an integrated business process or ILM (information lifecycle management) plan.

Had Bank of Americas tapes been encrypted, they would have been of no use to whoever stole them. In fact, under a bill before the U.S. Senate, the bank would not have had to disclose the loss of the tapes if they had been encrypted. Such incidents serve notice that thieves and crackers will seek new ways to get valuable information, experts caution.

"You dont have to be technically sophisticated to be a hacker anymore," said Maryann Davidson, chief security officer at Oracle Corp., in Redwood Shores, Calif. "Hacking isnt just for bragging rights and chest thumping. Theres real money in it."

Check out eWEEK.coms for the latest news, reviews and analysis on enterprise and small business storage hardware and software.



  Reader Comments: Data Thefts Reveal Storage Flaws
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Data Storage, Data Backup and Storage Virtualization Articles          >>> More By Brian Fonseca
 


x}r۸j9kmH)ٖmXēSDH"Hʗ~b:?qtMZ%bKh4Fw?I9wtô'sݙc |:I]"I~xC(3`Zϩ:AzNɑ,G)~-sbs#j5;#|6%?w *sR;€wɔiPلި+3}B}q^~bw .hѲ ⌳IlG5tyK%yH}u)p}(DsXq@ǎH*C'x8ӽi/DeOXIQIMbBy<5Fkb} =k|kw0va?쓡nCUD25v+n / /\1r.bLѽF,gw'9"S#& BhlU"iRi13܉H;@ȱ\./RF͌i:gu[gb=ױ}ǣ.&$gF=D?ƭQ If6q_-%z^yyx6ܳL]FQKX䄍ERwC>dБaԣzqٗefen6 usRM*AR,הb~/^ߙiM7?rfoFzJY4Euz `h vdu]+h5NES'a p|g͇v1s a {>0sF}j`I l"]LR}b;>ld$4o)ssLnM`rWwMPb1L{TE}vAC ,zz>)X.{s6G~>4-0%ޥ6tN\IQ 2(%E2 4.gP)AH =k 99| ޑvZ*&RP*m=!ԑtLZ*ݗh3aGe-n^ $ d6g2+IMihj1!UG,D`v9J,L.[ ϴ6jԍebQ9дZ hқ͑ Kuy=A-|' :G4$f.*dyLg0sO<sy h? OzuK:\f335{00q}c] k2oi3ӆMI|B3< I8M;l!eR#ONuuK 궉cys3tNn~|CTfЬ||=厬m4@ޗJ|zS.z: %r% 5kb$T`CfL 7l{`(`R5Jpd29<:UKUI,Yvn(!z?r( /XSquH;k\OMǎ`rMH SǏpLa)e-'V&fj>Y[*~2|Q &V,'0{.#NWաc=\SWa蘆0JM.fd>j'[!BD30`M FN6R^-!/{0kaT5Clq,YUر,.26u(MEZ"Ӟ@#@:*Cç c"D8v_(+ G.OQB#؊ W˒hPfJf M`.8uE% W<)(J9w)` L` TFSyL) :7 1$/Pk :0!P\Q-W0"sKsKU1SOnQE^~~VK$mtX6 =:{BQ7ߏ90gted-NӅZ JLqrheU-UjR9 _|}s??2:Ew:9pc~y090Nl40zpY 57~};݂/r?0:?b + ;2E<& {HZ Cy`/cҧjMqѡ,ugB䪢-}+3^>F'E{h⢉!h;3E&hӜ1o<>YȓԵpse%s@B>Z\C5-Hy*Z𑿎2镍0: MtL=;L4;c0\]>w6Ë 5#"YM=(RPc0:u Uj5Xi̋@VGl䈇%=D"pLnGsvVR!e(5ĺqK))r,*H+ů q͑/sOߏfny$ 2wgN Xe0Lv*r_A~fZT(ȫ\,B|t'nP X%W:^iZM$C節e:(TbPQKJBgQC.&&Z g6KBb;w?ͅ57gXOBB59( 0%BnGqza/;Cn7") ^ؔ:zi5]6%-:o^!Lz$I,k1UpmtLc?ցh03RN} ʃQ-ӧG׆!#tg\D@0|/$·RiEmT)~ܑN tLÀ>⺆abzȣ, (d0rYjdPHbNx| S n&mK Rٟ:sɖBzKLC~Uj3,`މjBU\kGccb^fsqwoתۃ%&bn* |J~Zg'7>hRFY+ tɟ;?\gؓE_:iv?Kvb00VuD߫%~KKxli7}quN>^u?^KN߅ø@oٷP K b>d$LTϊe}q*]wXog筓~hy- dGW~#tW %Q{ŏEKJbw/[jtK>KAVCܢ)-&GXuT䵤 g[YUHN~,jG6O=a}rWkb~]XZU$Mݝf0iۣȄGS>^Yl}DK{,a4sqշv*ϓ;~\[("Wk氎cnW8 gt.&q\tyo]ar؂cAI=G7om\>eNx>HАߚ=p8#M PvzF]Yd1]foݷvcW}턟yP1鐧^gvlLgI"ɫ׺w7}\8%'+xs|/'Cq/nV (f~\;pOҠc=b( 82{KL7K}{Uc \!',$f`&<>~.n!렳L#Ϝ;,YMh4į T gikJS!&ij(*aYfi1mϭ։vRmܨI*qJMlB+d]&2%KR$]q"q/.+1Z "[P[SntjTũ&/{kӒ1%wuy2ɶlz,wzϊCzL 4> >`˺u`]{' ,V[d+J=Z)Z?A^k/':A1/L5ņ}(vA9Ik ԺvP( ͢RAlz)1T>a:=qo㢹Ǩ"93w];RyK]{gKrXR&xLQZ@4?qA+-*ɂn0 9 Q0AJH5%SH y5OykUѻ7h &ft&7b㥇X~:XsC8{C/+j6W`!M,R3XR`6LSxqY_@M+ÎI{LKf'u1VznP˂Bo(*jVBVhVh[c `HgPwMjZ9Ph,qw]>J:^ѼR.6)Q*kRi#"@{IL"01|RoU.C85/ bRTLJ/e٢1_pSHlHW (+jR2PC!M}Y"FU$|xV)ixɓWK{`GQ}KMg3of%t8rQh D m6`=f|uB<'CՌ>CMzϼE>[*u46%V)7BbCe+JPչ t IEݞ:b2+g{k|OxC\MMMMMʥcmT/ұ>tEGxnA K$"ӞL0}r9$ a^0 ;}#J9i< YM{DL[O6笴03H3kzظꆜPx)NHB*|颷 dx^JAft]7/ifBgVpa!>Iv(g/@ƋڐOQ&O7KFf϶m;x k? =mM:h1:b+^=$jxy6nڞ|Wqe}eF;O뷱!/<I"}O8|sn!KMx0q^*ax)sd`AA$0d1`!~;ZUȵpD3^ސ_D‹(UAhc e|F&޻7LIuZ-0x[ 84.w-lu[jutӊ7ֳ9ikE_A-iΞC3xqHxyGn8CnX};9/@SQO_tI= Lam~D)8[ (oqdI~a_ ZU#o?'.w'Su,,1@NtgɜJ~ oJ?I5?4O:&-?(p ۏOcd{[ 3.O952*(DךSN|lڏtK*juܷ6.ɟ noRWW/qHX ۫R] ( TeQOǝ :'NsnK(aZ)cWF%5z J 0[~AX^qm]1&c6cu\]QS[TZ9[+W#d! `,%o,"xaquQ%gz^P_Z6`cgkaڰ>FSYh%!11\R+RSWK.>%܋%ӊ,ƻ.c 2uuWHk̘xy4vlNz yԥ:BMETBhrQŨtg5̈Gbv mz^CJ[7ɘ6]4_q=!o7ݝAfnVu&CKoVFn܀H'ܪzB9wdIfӰjRrzN{(1h>(-^a̷fᮦjDgJO%hx3U|^KjL7"|ͱɮvx:ә HuWknR)ݫ9?SRmF 96z_abusι!ʒ2f0̊ۼ%U$d[htowAQg)q8 @șn붩t!ǥ#Si ?R)!l$:*XoDΡgZܳFܞVk۩*>*1po2|SPʕ=U+%=XhpxxـjE~:tdH]K~VPofE#b2zޘo># X8Z aIm{7R[ $y?ZED* Iuj}@~hEw[W= dP_{E=3lgK?`0<ߣL 'lI<R+hy» `8.gj9VtK$EM*2&Bs8{_z=&:N%YRA~}sU'n#B d#Lk*  i+E ȧn1JO \-B@ebq{y~72!K,YJDqY@y#LL݂zĂB|~N­!RBtSkWέ03L\Yej xpx})lH  23LCkR.ɖàzEQp#ߛꞿSg0YKKlݜ(8ój1I(tCK/HzsZam6dFka]N͑/#}|AaP8Z  +z+U'I]U@)9CȮ KƪZJW4oSWtYhկeu &JZ! `xzNrdhz߃[#}:>1}31h^^&'+$'W}<]/9lwp4>Vv?u/?/ZW~qbuvO5m+LideAN.Sr[Ԟpm.4 "G}ɂwᝧ%}QX\mÓ(o.!jbTթ4 W?&z W^O˦V\k!h??BVՉt.3]rZOFwA^^Z+!z_U8iz67anq4ħyO\#4[E9yF(QQ~Wˏ͌.w3ʑˏǭ#(?Z_~9ɠ)G(kחsqF93틌r^Q?/?akt2Ƨd;Y v> tw?;d'EF/>A3(?(#坌rߋȐ   _.?.3޿x *z^F{^F 忮/1>Arߧ}}ʠ5_g^g55u%:Iʘ!gK\8=Rfr ~)A_d_y*%IFy 3YY ~veX^fй\52Я!ew2~62Ak_u aqʍz^S_xښ馵pۭ]n@KG{1*,xWbJ*OW4<< X1rnmVDVq&R2#s"qǾJ91baOd_ǫw0{ %Y#/]#=D(Ksҗ2Fs?`r4YQ2!=P7.v8)s :s%>| SG0U75is[~|^Yݩ;yx߅ o2Q*K85ýEYRw80׀zCO7m(xr܌u>W{xu0CZWeО>gA7gn"gB8`%`1zI]U @BL7mޣ)7?Lgn F#usC\ԴZjRs?'WHd1#"0t`RŀDdU*[ZX,.g /(@#غ̷7zR%|C7<8eȓRq t+ҷI!@Og؍xݏ,M~f*gMԛn 46>[D߇P3G)bꨙ zn2i&23-ŕ{:o\t "e"sMs!#jϗ57G78a+ƈCM+In_!mx'G%Ī"9#gZHpzusʱ E nǝ)Z^t˙4_ಓ_`Ȍl~)B n`Z(>/~} ]u=~dTa"q0q?K+_zl x Qh/I'; >#0qnO 챧,5 gr3+.Ġ/2>g'4WBMx* Ul&}߱iB :qD>焽HaCm5uۗeԢԱ"/tbi0Dc|wVF^^2F\gȌa)`̓?GcС_456tZзkdY9Hr&zU h$.7=j"6DwΆb/Rq1^RŒsmqSunH-2"ᅰx/!Z^y|X6eH֓yc,XoͨT*L[ |QKڼAN$Kd7-YoˊL#tm{f*io?B!#R.܏OF[)0XPy74yKW=Q粺na|ht%K^FH%!Xi[e1bd+q=3ӲG(q",@zP݌SE+KeY$Vi.ٕ8ǩ3bhuq#1tVB\ (ct!L?Q1?cumnFQuF:¶u4-ѩoTU ۊ|Va=v5O1igNb k:*φŀpVs{~kC'>fkpxy|u2^GB~Dda'Z-*?҂g' Q\F$0(ylHK9Oy1'(NRPf7}`N*)Asa#El [ApV=\:9z0#ŸEr,eZ,aV!%ӫrXz{e75w SF \呓<AC)Xqk @cՄ6: ] yl%j,1f.& w Axv4<5TF_E@KG7diUĔ&ɵ\RKnrmm#k )60MÄru"3poq=ycәJ p;g8g0V^ZpTT/>%hw2b59ʧ=I~p v0,L#ֿŠN|]t/NʓE_:ivyH%D=C= 鳳AF[+O(QF.>=(>wb3 /=l}8~8ŠEKB^ D>Vy|ܾ8MVĻzv Colsgs7*Р~oQWVIGb$- U.äyg;a+b(16lS24K_hjJlxTɉq0oǝF6̄ В%nvbecBD.