Fujitsu has produced a petabyte-size storage array with native encryption.
Fujitsu's Eternus8000 and Eternus4000 storage arrays are replacements for the 6000 and 3000, said marketing head Richard McCormack. The Eternus8000 is more than twice as fast as the 6000, while the 4000 is 50 percent faster than the 3000. The Eternus8000 supports up to 1.38 petabytes of storage.
Both new arrays include the ability to store data encrypted with 128-bit AES keys. The key, which is stored on the disk drive itself, is also encrypted. But that fact has made Ken Westerback, information technology architect at St. Michael's Hospital in Toronto, uncomfortable. While Westerback would like to store data that is encrypted, due to the requirements of Ontario's Personal Health Information Protection Act, he said he wants full control over the encryption so he can replace the encryption engine if he wants. Westerback said Fujitsu hasn't briefed him on its new products and that he needs more details. He said he wants strong assurances that there would always be a way to get the data off the device no matter what kind of failure the arrays might suffer.
Losing access to the data - or Fujitsu having what he called a "magic password" that could retrieve the data - would be even worse than an unauthorized person seeing it, he said.
Westerback is not alone in his concerns, according to John Webster, an analyst at Data Mobility Group. While the idea of native disk-level encryption has been discussed for some time - IBM announced its intention to provide encryption on the disk drive level earlier this month - users have two main concerns, he said.
First, they are worried about the performance impact encryption would carry. The second, and greater, concern is devising a strategy for key management to ensure that the company can still get at the data, Webster said. It becomes another layer of management complexity, because not only is there the question of what happens if the keys are lost, but companies need to plan what to do in case the person responsible for managing the encryption system takes another job, he said.
On the other hand, Gartner analyst Dave Russell noted that even companies that are not required to do so for regulatory purposes are aware of the need for protecting data and that building encryption into the disk array itself could be appealing because alternatives are slower or more complex. And while it's true that an organisation that loses the key would lose access to the data, it's not an issue unique to Fujitsu but applies to all forms of encrytpion.
McCormack said that to forestall problems with a disk error rendering keys unusable, the encrypted key is stored in four places on a disk, and if one of them became unusable, the server would automatically move to the next key location and log the incident.
Other new features in the arrays include a remote advanced copy feature that lets users replicate data between Eternus systems; support for iSCSI, which allows organizations to use lower-cost IP circuits to connect the arrays to hosts; and Massive Array of Inactive Disk (MAID) technology, which reduces heat generation and power consumption by temporarily shutting down disks when they're not being used.
The arrays are available now starting at $24,500.