New IBM Software Encrypts Tape Contents, Key

IBM announces new software that encrypts both the data inside a storage tape and the public key that opens it.

IBM introduced what it called the data security markets "first comprehensive tape encryption solution" Sept. 12 with its new Encryption Key Manager, which stores and encrypts data—and the keys that open the data—on high-density tape cassettes.

The Encryption Key Manager enables users to encrypt data on the tapes, whether they are using IBM mainframes or Unix, Windows or Linux tape storage systems.

The encryption software, developed by IBMs Tivoli division, will also allow users to encrypt data without having IBM proprietary applications already installed.

The Encryption Key Manager comes pre-installed on all IBM System Storage TS1120 tape drives, which have a list price of $35,500, and is a free component in IBMs Java Development Kit. The public key management software supports the encryption tape drive on a wide variety of configurations, including IBMs own z/OS, i5/OS, AIX, Solaris, Linux and Windows.

"Imagine having an apartment complex with 100,000 units. This is like leaving a key taped to each door, instead of having them spread all over the place—on key rings, under the mat, and so on," Andy Monshaw, general manager for IBM System Storage, based in Armonk, N.Y., told analysts and reporters in a teleconference.

/zimages/2/28571.gifClick here to read about a tape security appliance from NeoScale.

"However, you have to un-encrypt the key first before you can go inside, where all the contents are also encrypted. So there are two pretty substantial layers of protection. We believe the algorithm used [developed by RSA Security] is computationally unfeasible to break into … using brute force," or hacking, Monshaw said.

IBM believes this type of encryption will be good until at least 2030, Monshaw said.

The Encryption Key Manager works with IBMs Tivoli Storage Manager as well as with virtually any storage management system on the market, Monshaw said, because it uses public key encryption infrastructure.

"Public-key cryptography gives customers a tool set that allows them to radically simplify the process of key management," said Marianne Mostachetti, Director of IBM System Z Software.

"A unique key can be used with each tape cartridge, and by using public key cryptography, customers can conceal these unique keys and leave them right with the tape cartridge."

Monshaw said enterprise customers in the finance, health care and insurance sectors are already placing orders for the encrypted tape drives.

"Demand for the new data encryption drive has been off the charts; weve already surpassed our years sales goals before its even launched," Monshaw said. He would not elaborate on what those sales goals were.

"The reason for the demand is simple—data loss and identity theft continue to plague corporations and consumers alike," Monshaw said.

"Today, a new level of security is available to corporations that want to ensure [that] their data will never be accessed if it is ever found in the wrong hands. In the case of stolen or lost records saved to tape or disk, encrypting data renders the records totally unreadable. If a tape is ever lost or stolen, you only lose the value of the media itself—not the data," he said.

/zimages/2/28571.gifCheck out eWEEK.coms for the latest news, reviews and analysis on enterprise and small business storage hardware and software.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor-in-Chief of eWEEK and responsible for all the publication's coverage. In his 13 years and more than 4,000 articles at eWEEK, he has distinguished himself in reporting...