2:30 PM -- I think I've made it clear here and on the InformationWeek Backup and Business Continuity blog that I believe in encrypting tapes and other data-bearing media whenever it leaves the data center. However, when the professional paranoid types that run most corporate information security groups started issuing edicts that all disks be encrypted, even those that never leave the data center, I was to, say the least, skeptical.
I argued that it was unlikely that someone would break into the data center, through a series of doors with card access systems and video cameras, and then steal the disk drives out of a server or RAID array. If he were daring, and strong, enough to steal the whole server, the encryption wouldn't provide any greater security since the server would have to have the encryption keys to be able to run.
When they said "We have our reasons and have selected to use a Fibre Channel encryption appliance from Neoscale or Kasten-Chase", I made them work. When Neoscale and Kasten-Chase went belly up, I helped my clients to install Decru/NetApp replacements and migrate all their data from logical disks encrypted with the old solution to logical disks encrypted with the new one. I was, however, grateful that as a consultant I was being paid by the hour.
Lest I sound too cynical, I do recognize of course that there is one good reason for full disk encryption in the data center, preventing data on discarded, damaged, and disabled drives from falling into the wrong hands. While most organizations today have cabinets or closets full of disk drives awaiting secure disposal, they could toss encrypted drives in the trash or return them to the vendor for warranty replacement without worry.
Given the cost and complexity of today's solutions, I'm not sure solving the drive disposal problem is a good enough reason to invest in SAN encryptors. Now that the Trusted Computing Group has come out with standards for self-encrypting drives, with separate specs for laptop-orientated and enterprise drives, and all five drive manufacturers have endorsed them, a new and better solution should soon emerge.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
