Decrus Encryption Tool Combats Problems of Human Error, Backup

Decru Inc. is the latest company to join the storage security niche, with its first encryption product, DataFort.

Decru Inc. is the latest company to join the storage security niche, with its first encryption product, DataFort.

The main weaknesses of enterprise storage are human error and the aggregation points of backup systems, said Dan Avida, president and CEO of the Redwood City, Calif., startup.

To address the weaknesses, DataFort, announced last week, combines 256-bit Advanced Encryption Standard software with a 2U (3.5-inch) server appliance. It comes in a SAN (storage area network) version called the DataFort FC440 and a network-attached storage model called the DataFort E440, Avida said.

"In a SAN, you can pretty much authenticate a process, but you cannot authenticate on a user-by-user basis," Avida said.

DataForts software components run and audit its own authentication. Masking and zoning of logical unit numbers doesnt solve the problems either because the LUNs can be spoofed, Avida said.

Both versions of DataFort use out-of-band Ethernet connections to storage, and both are available now.

Decru beta tester Greg McGrath, senior director of IT at Incyte Genomics Inc., said hes pleased with what hes seen. His team has connected the DataFort E440 to a Network Appliance Inc. system running 20 terabytes, although Incyte also has 150 terabytes of an EMC Corp. SAN and more than 15 terabytes of a Hewlett-Packard Co. SAN.

"It works as advertised. It was very easy to install, very nonintrusive. It hasnt created any problems at all," said McGrath, in Palo Alto, Calif.

However, McGrath said he hasnt decided yet whether to buy DataFort. None of various hacking attempts in the past ever got into the storage, and price will be a key because the company would need a second system for backup, he said. "If youre paranoid enough to encrypt and decrypt your data, thats a single point of failure," he said.

DataFort costs in the "low tens of thousands," Avida said.

But Decru has competition. Kasten Chase Applied Research Ltd., an older and larger company in Toronto, next month will launch its Assurency Secure Networked Storage appliance, a device similar to DataFort, said Hari Venkatacharya, senior vice president.

Also, NeoScale Systems Inc., of Milpitas, Calif., next week will launch CryptoStor for Tape, a 1U (1.75-inch), 2G-bps appliance solution. However, it will use an in-band method, which means it attaches directly to the storage network.

In-band is more powerful but results in more network overhead.

CryptoStor for Tape will cost "in the low teens" of thousands, a company spokeswoman said.