Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

People's United Bank Turns to Encryption to Protect Backup Tapes

It seems the number of security breaches in recent years has been uncountable. While some breaches, such as the outright hacking of Web servers and databases, can be blamed on criminal hackers, many other breaches -- too many -- involve loss of customer data that could have been avoided if advanced precautions had been in place. One of the most common steps would have been to encrypt backup tapes. Once encrypted, tapes are a bunch of gibberish even if they are lost and end up in the hand of criminals.

Consider the year 2005. That year, online trading company Ameritrade disclosed that the vendor that handles its backup tapes misplaced a tape that contained information on about 200,000 of its customers. Financial firm Citigroup also had to admit that a backup tape holding data on nearly 4 million of its retail customers was lost. Even storage provider Iron Mountain has to admit that year that it lost a number of customer backup tapes. There were many more such gaffes that year, which also was the year that People's United Bank, based in Bridgeport, Conn., sought a way to ensure it didn't lose any unencrypted tapes.

"Our board decided that we had to do something to secure our backups, and that we had to do it fast," said Mark Depathy, senior infrastructure engineer at People's United Bank. "We knew that if they were encrypted and lost, whoever found them would just have a hunk of plastic."

At that time, surprisingly, there weren't many efficient ways to go about encrypting mainframe backup tapes. "The market wasn't filled with products to fill our need. What we initially wanted was the ability to encrypt and manage all of our backup tapes centrally, across all of our platforms. That capability wasn't there for us," Depathy said.

Depathy, whose responsibility includes managing the bank's z/OS mainframes, examined a number of options on the market. Most involved appliances that sit between the mainframe and the backup units and encrypt the tape as it flows through. But Depathy saw problems with that approach.

  • 1