DHL, FedEx and UPS are fine companies. A week doesn't go by that one or more of their trucks doesn't pull into my driveway to bring me my latest presents. I've trusted each of these companies to ship all sorts of things.
What I won't do is give them an unencrypted backup tape.
I've seen drivers from every single one of these companies leave their trucks unlocked when they come in to drop off my package. If they do that with my eBay purchase, and somebody steals it out of the back of their truck, I file a claim and get my money back. If they do that with a plain-text backup tape, I've got a breach of security that can't be undone.
Untenable legal burden?
If there is unencrypted personal data from any California residents on the tape, and I cannot immediately notify everyone, I'm required by law to e-mail them, post it on my Web site and notify the news media. If it's just intellectual property, I currently don't have to notify anyone, but my company would suffer an unrecoverable loss.
Of course, recent incidents have shown that companies that specialize in the shipment and storage of media aren't immune to mistakes either. Maybe you put three tapes in the box instead of four. Maybe your security guard went to the restroom and stored the box in a "safe place" so no one would take it and then forgot it. Maybe a driver accidentally mixed your box of tapes in with someone else's box of tapes. There was even a recently reported loss of hundreds of tapes that were never shipped anywhere!
None of these mistakes are supposed to happen, but as long as humans are involved and millions of tapes are changing hands, things will happen. And if they happen to you, you're subject to the same California law mentioned above if California residents are affected. (A federal version of the law is being proposed right now, and I'm behind it 100 percent.)
Two options (and one is ridiculous)
Given the increased attention being paid to these types of breaches, I believe you've got two choices:
Lock your tape library and never take your sensitive backup tapes anywhere;
Or, encrypt them and do whatever you want to with them.
The first option is, of course, ridiculous. The second choice is completely reasonable and can be enacted in one of three ways.
One, you can encrypt the data inside the application that created it in the first place. Database products support encryption, as do third-party tools, such as those provided by Vormetric.
The second method is to use your backup software's ability to encrypt data when you back it up. This method might be the least expensive to implement, but it does have performance and manageability challenges, especially when it comes to key management.
The final choice, and perhaps the easiest of the three to implement, is to buy a hardware encryption appliance, such as those provided by Decru and NeoScale, and encrypt sensitive backup tapes as they are made. Without going into too much detail, I can tell you they've got good answers to the key management questions, and they're not supposed to slow down your backup at all.
If you're not going to encrypt your sensitive backup tapes, at least use a company that specializes in media shipment and storage. This way, your tapes will be tracked via barcodes, stored in environmentally friendly conditions and will be handled by a company whose entire reputation rests on its ability to handle your media properly. (Which means you should be using these companies whether you're encrypting your tapes or not.)
Remember that no current law requires you to disclose anything if the personal data on a lost backup tape was encrypted. How much do you think any of the reporting companies would have paid to be able to not call the news media? Think about it.
W. Curtis Preston is a vice president of GlassHouse Technologies and founder of The Storage Group.
This issue is yet another cost to be added to burdened storage IT managers. It's another product sale where there is no positive effect on the business at all. It's all about adding cost and additional storage processing now in order to avoid potential future penalties. Fundamentally it's another layer of insurance to be borne.
The chances of one of your backup tapes being lost from the thousands and thousands shipped daily around the world are minuscule. The chances of the lost tape containing sensitive information about people are even slimmer. You may well decide that, subject to despatch companies tightening their procedures, you will not bother with this added cost. On the other hand, a few thousand pounds for a device versus potentially embarrassing publicity may be a worthwhile trade. Maybe your business' marketing department will pay for it?