Insider: Encryption Means Planning

IT pros could face a crisis when it comes to encryption for storage networks

March 15, 2006

3 Min Read
Network Computing logo

Encryption is vital to protecting a company against data loss, theft, and malicious activity. But many IT pros could be facing a crisis when it comes to encryption for storage networks.

According to the latest report from Byte and Switch Insider, this publication's subscription research service, storage networking increases the vulnerability of stored enterprise data to both external and internal attacks. Storage networks foster multiple entry points from multiple hosts with different operating systems.

Encryption, while not a complete security solution by itself, goes a long way toward ensuring data safety. But the report, "Storage Encryption: State of the Art," notes that problems surrounding the enforcement of encryption could, ironically, threaten the security of many organizations.

For one thing, deciding what to encrypt can be a major stumbling block. Unless an IT manager can identify the data that really needs to be encrypted, when it needs to be encrypted, and who should have access to it, encryption can quickly become unmanageable.

The reason for this is simple: More data means more encryption keys need to be issued to protect it. These keys are the digital signals needed to ensure data can be turned into unreadable code and then translated at the right time by the right folks. Thus, involving more users requires more keys. Provisioning all of this can become an administrative nightmare. If keys wind up being manually managed, which the report notes is increasingly common, gaps can arise that expose data to security holes and errors.There are moves to increase the use of encryption in storage devices, and there is talk to making storage security appliances such as those from NeoScale or Decru the focal point for key management. (See All Keyed Up With NeoScale.) But this approach is still nascent, and it's not clear exactly how it will play out in terms of standards and actual products.

Users are best advised, the report states, to set policies on data encryption carefully up front. Once this is done, performance considerations and costs can be factored. There are many of these. The report lists twelve points to ponder in choosing a strategy.

Software encryption, which is far cheaper than hardware encryption, for example, can take up more than 10 percent of a server's CPU cycles, making it a performance hog. Hardware encryption appliances are costlier, typically starting at $25,000, but they typically perform better than software tools.

While deciding how best to deploy storage network encryption, users must keep in mind that encryption is part of a larger whole. By itself, it cannot meet regulatory compliance needs or ensure data protection. But if IT pros take thorough steps up front to ensure the right choices, encryption can take data security a long way in the right direction.

Mary Jander, Site Editor, Byte and SwitchCompanies mentioned in this report include:

  • Atempo Inc.

  • Decru Inc.

  • EMC Legato

  • IBM Corp. (NYSE: IBM)

  • Ingrian Networks Inc.

  • MaXXan Systems Inc.

  • Microsoft Corp. (Nasdaq: MSFT)

  • nCipher Corp. Ltd.

  • NeoScale Systems Inc.

  • Nexsan Technologies Inc.

  • Oracle Corp. (Nasdaq: ORCL)

  • Spectra Logic Corp.

  • Sun Microsystems Inc. (Nasdaq: SUNW)

  • Symantec Corp. (Nasdaq: SYMC)

  • Vormetric Inc.

    Storage Encryption: State of the Art is available as part of an annual subscription (12 monthly issues) to Byte and Switch Insider, priced at $1,350. Individual reports are available for $900.

    To subscribe, or for more information, please visit: www.byteandswitch.com/insider.

    To request a free executive summary of the report, or for details on multi-user licensing options, please contact:

    Jeff Claudino
    Sales Manager
    Insider Research Services

    619-229-9940
    [email protected]For review copies, members of the media may contact:

    Gabriel Brown
    Chief Analyst
    Insider Research Services
    44-20-7701-9330
    [email protected]

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights