Sun Fills in Storage Crypto Details

Sun Microsystems Inc. has finally revealed its encryption and identity management plans for the storage products it acquired when it bought StorageTek last summer.(See Sun Closes on StorageTek and Sun Gets Secretive on Storage.)

The vendor will unveil its security strategy at its Forum user event in Washington tomorrow when it takes the wraps off its new T10000 tape drive, featuring AES-256 bit encryption.

The T10000, which is built on technology acquired from StorageTek, is just the first step in a broader security push. Sun is now planning to extend this same device-level encryption to other storage products in its portfolio. There will be both more disk and tape products to follow using this,” promises Dave Kenyon, director of enterprise tape automation at Sun.

Kenyon explained that encrypting data on the drive itself helps keep users out of the headlines for embarrassing data leaks. “This means that users can be sure that media, before it goes off-site, is encrypted,” he says.

The new drive can also work in conjunction with the Cryptographic Framework Library within the Solaris operating system, according to Kenyon, which is another way of encrypting data at the point of creation and capture.Securing data before it is shipped elsewhere is big news at the moment. Today, a survey by consulting firm GlassHouse Technologies revealed most businesses have a tenuous grasp on security. Almost three quarters of executives rated their company’s data storage security as only "fair" or "poor." (See Survey Finds Protection Flaws .)

Encryption has become compulsory for companies looking to avoid the consequences of lost data. (See A Tale of Lost Tapes.) As the October Byte and Switch Insider, "Storage Security: Pay Attention or Pay the Price," points out, more than 50 million Americans have had personal information compromised since February. Some of the largest breaches involved lost tape, according to the non-profit consumer information and advocacy organization Privacy Rights Clearinghouse (PRC).

But tape storage companies like Iron Mountain insist the onus is on the customer to encrypt tapes -- even though Iron Mountain, infamously implicated in several lost-tape snafus, now says it will encrypt its own tapes with an appliance from Decru. (See Sequans Maps Mobile WiMax .) The idea is that even if tapes or disks fall into the wrong hands, the encrypted data remains inaccessible. Mike DeVos, vice president of technology services at Security National Bank, Sioux City, Iowa, admits that device-level encryption could prove useful for some users. "This could be used by a company that has to send its tapes to another user, for example, via FedEx," he says. But for his organization, which uses a mixture of disk and tape, this level of encryption would be overkill. "Our tape backups do not leave our hands. They stay within our corporation -- we do all our backups in-house."

Sun is just one of a number of vendors getting busy with encryption this week. Yesterday, MaXXan Systems Inc. announced high-speed data-at-rest encryption for its MXV Series of Secure Storage Application Platforms, and backup specialist Asigra unveiled encryption on its Televaulting for Enterprises product. (See MaXXan Adds Encryption and Asigra Encrypts .)

Also yesterday, data transport specialist NetEx unveiled a new replication system for IP networks that encrypts data over the wide area network (WAN) (See NetEx Debuts HyperShield).But encryption is not the only security card up Sun’s sleeve. Kenyon told Byte and Switch that, over the next few months, the vendor will combine the identity management features of its Solaris operating system with StorageTek’s information lifecycle management (ILM) products.

Specifically, this will involve Solaris’s User and Process Rights Management features, which control who gets access to what. ”Identity management and storage management are likely to come together in the area of key management,” adds Kenyon.

Sun’s new tape drive is also a shot across the bows of arch-rival IBM, which recently launched the TS1120, the latest generation of its 3592 drive technology. The T10000, like the TS1120, has a native capacity of 500 gigabytes, although Sun’s drive comes with a slightly higher native data rate of up to 120 megabytes per second. IBM’s TS1120 offers 100 megabytes per second.

The T10000, which lists for $37,000 for Fibre Channel, and $44,000 for FICON, will start shipping at the end of the year. The encryption feature will be available in early 2006, although Sun is yet to confirm pricing for this.

— James Rogers, Senior Editor, Byte&SwitchCompanies mentioned in this story:

Sun Microsystems Inc. (Nasdaq: SUNW)

Storage Technology Corp. (StorageTek) (NYSE: STK)

Asigra Inc.

Decru Inc.GlassHouse Technologies Inc.

IBM Corp. (NYSE: IBM)

Iron Mountain Inc. (NYSE: IRM)

MaXXan Systems Inc.

0