What's the Key to Excellent Encryption?

Data security has become a primary concern for corporations and consumers alike. As identity theft becomes more pervasive, companies are held more accountable for the way they protect personal and corporate information. Many products and processes exist for encrypting information...

December 6, 2006

2 Min Read
Network Computing logo

Data security has become a primary concern for corporations and consumers alike. As identity theft becomes more pervasive, companies are held more accountable for the way they protect personal and corporate information. Many products and processes exist for encrypting information in flight as it travels through corporate networks and across the Internet, but this solves only half the problem. The other concern is how and when to encrypt data at rest.

Unfortunately, most applications and users cannot tolerate the latency and additional cost introduced by full-scale encryption of stored data. Therefore, storage managers must start with the basics and work up to maximize data security while maintaining operational and cost efficiency.

Here are some tips for efficient encryption:

  • Extend access controls to the storage infrastructure. Dont incorrectly assume that data residing within the "four walls" of the data center will remain safe as long as network and server access controls are in place. To secure data at rest, be sure all corporate access control policies, processes, and tools extend to the storage infrastructure as well.

  • Determine which datasets to encrypt. You can encrypt application data with disk encryption technology. However, this introduces additional latency and cost to the environment. It is therefore important to do a cost/benefit analysis based on corporate risk management priorities and data classification policies to help prioritize targets for encryption.

  • Encrypt data stored offsite. The most obvious security risk for the storage manager is data stored offsite, which is typically backed up onto tape media. Currently, data written to tape is almost never encrypted -- but it should be. There are mature products available for encrypting data as it is written to tape, including many backup software platform add-on modules. Again, this introduces additional latency and costs, and should be evaluated and prioritized on an application data-set basis, and validated against corporate risk management and data classification considerations.

— Tim Arland, Principal Consultant for Storage Solutions, Forsythe Solutions Group Inc.

Read more about:

2006
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Enterprises investing in new infrastructure to support AI will have to choose between InfiniBand and Ethernet
Enterprise Connectivity
The Impact of AI on The Ethernet Switch MarketThe Impact of AI on The Ethernet Switch Market
byPam Baker, Contributing Writer
Sep 16, 2024
5 Min Read
Blue and purple digital cloud connecting apps and services with campus NaaS.
NaaS
Campus NaaS: Remaking the Campus NetworkCampus NaaS: Remaking the Campus Network
bySalvatore Salamone, Managing Editor, Network Computing
Jul 31, 2024
4 Min Read
DPUs are extensively used to accelerate AI and ML workloads by offloading tasks such as neural network inference and training from CPUs and GPUs.
Network Infrastructure
Harnessing DPUs & How DPUs are Changing Data CentersHarnessing DPUs & How DPUs are Changing Data Centers
byBob Wallace, Featured Writer
Jul 30, 2024
10 Min Read
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events