Entries categorized under “Encryption”

Information Technology Divisions (I.T.) traditionally does not deal with securing a device that has not been issued and controlled by them. Bring Your Own Device (BYOD) has exploded across industries. Rapid adoption of iPhone and Android devices displaced Blackberry Enterprise Server (BES) in the mobile enterprise email space. Adoption of new devices drives the need for Mobile Device Data Management software to assert control. (read more)

Encryption's value is no longer in question in large enterprises. Rather the broader challenge they face as they look to manage petabytes of data in complex backup environment is, "How to overcome the substantial costs and time required to manage encryption keys?" An answer to these concerns is finally at hand in the form of the newly available Key Management Interoperability Protocol (KMIP). (read more)

Imation tape media has protected the data of enterprises for decades. Now Imation is applying its enterprise data protection expertise to the SMB marketplace through its aptly named DataGuard line of purpose-built backup appliances available in both rack-mount and desktop packages. (read more)

"Encrypt it. Encrypt it all." That's a policy almost every small and midsize business (SMB) plans to implement as they look to move or store their archival, backup and compliance data offsite. But implementing that policy is easier said than done, especially when one factors in encrypting data stored to removable disk media and then the overhead associated with managing it. This is what makes Imation's recently announced RDX Media Secure significant: data encryption on removable disk media (RDX) becomes a reality without becoming a hassle. (read more)

Choosing the right cloud-based archiving and backup solution may well be one of the most important - and difficult - decisions facing small and midsize organizations in 2012. However a recent acquisition by Imation should contribute to easing which solution organizations should choose in 2012. This acquisition did more than give Imation a cloud-based backup offering. It put Imation among an elite class of providers that offer both local and cloud-based data backup, recovery and archiving options from a single solution. (read more)

Choosing the right cloud-based archiving and backup solution may well be one of the most important - and difficult - decisions facing small and midsize organizations in 2012. However a recent acquisition by Imation should contribute to easing which solution organizations should choose in 2012. This acquisition did more than give Imation a cloud-based backup offering. It put Imation among an elite class of providers that offer both local and cloud-based data backup, recovery and archiving options from a single solution. (read more)

Today I continue to reveal the Top 10 most read blog entries on DCIG's website in 2011 with these four (4) entries typifying the two extremes of topics that DCIG's readers tend to read the most. At one end of the spectrum are two forward looking blog entries on topics that every organization are examining now: the cloud and virtual server backup. At the other end of the spectrum are two older blog entries on the topics of cable labeling and encryption for which organizations continue to need relevant information. (read more)

Last week I wrote about Symantec's introduction of the Data Insight feature into its Data Loss Prevention (DLP) product. But afterwards a number of questions came to my mind as to how the DLP product itself worked, especially when compared to other solutions in the eDiscovery, search and storage management space, as well as how the Data Insight feature is implemented. So to get those questions answered, I got back on the phone with Robert Hamilton, Symantec's Senior Product Marketing Manager for DLP. (read more)

An organization can come up with any number of reasons why it does not encrypt data stored to tape. Encryption is too hard or expensive to implement. The management of the encryption keys is too complicated. The business does not have the time or manpower to deal with encryption right now. These are all valid excuses for not implementing encryption. However, if storing sensitive data to tape remains a part of an organization's long term data management and retention plan, then the growing list of federal and state regulations means it can no longer ignore the need to encrypt its data. (read more)

The current recession's wrath has spared few, and technology has seen its hard times just like all industry sectors, but one area that appears poised to be one of technology's biggest benefactors is healthcare. When the Stimulus bill was passed, President Obama made it a point to bring healthcare technology front and center by providing $19 Billion dollars for the implementation of an electronic medical record (EMR). $19 Billion dollars certainly gets companies attention and most are either positioning themselves, or renewing their focus on healthcare to glean their share of this substantial investment of dollars. (read more)

Most businesses small and large have many IT needs but one that they continue to focus on as they move into a completely paperless world is data protection and, more specifically, data recovery. They know their current in-house backup and recovery processes are often less than adequate so when they ask hard questions like, "How long can I afford to be without my data?" and "What does losing that data mean to the company and the company's public reputation?", they don't like the answers. But what IT managers are surprised to learn as they look to move to a SaaS offering based on a cloud-based computing architecture for their backup and recovery services, they find there are many options from which to choose. (read more)

It is common for users to tell me they are just going to add some SATA disk trays to their existing primary storage while others have said they are going to just purchase the cheapest possible JBOD system that they can. There are a couple of concerns I have with either of these two approaches. In these examples, they are way too focused on the short-term cost savings that JBOD offers and they fail to fully consider the protection and preservation of their archived data over the long-term. If enterprises really did not need the archived data, then they are better off directing their IT staff to just completely remove the data from their environment anyway. (read more)

Disposing aging, depreciated or unneeded tape cartridges is an age old problem that companies resolve in one of three ways: they destroy them; they store them; or, they trade them in for hard cash or credits from resellers. This last option generates more than passing interest from companies since it offers them the opportunity to generate some revenue (or at least offset the cost of new tape cartridges). However the liabilities associated with the data on these recycled tape cartridges landing up in the wrong hands may outweigh whatever cost savings companies hope to achieve. (read more)

One of the more interesting conversations I had was with John Martin, VP of Product Management with Riverbed Technology. For those of you unfamiliar with Riverbed, its Steelhead® appliances provides WAN acceleration to improve application performance across corporate WANs. As part of the underlying secret sauce in these appliances, Riverbed uses compression and deduplication technologies (among others) to accelerate application performance. That information is fairly well known. What is not so well known is that it has seen instances where it has improved the data reduction rates by 30 - 70% of data that was already deduplicated, and it has specifically seen these results when testing with Data Domain's appliances. (read more)

The benefits that continuous data protection (CDP) technology provides as part of a company's overall data protection strategy are becoming more evident everyday. Point-in-time restores, faster recoveries and off-site replication of data for disaster recoveries are just some of the benefits that companies using CDP are already experiencing. However one of the challenges that companies may encounter as they look to deploy CDP that may hinder or even prevent its adoption is the need to deploy host agents on servers. (read more)

The 2008 Crypto Conference provided a lot to talk about this year. If you didn't know a Crypto Conference existed, you aren't alone, but it is where the best and brightest mathematicians gather to discuss cryptographic and cryptoanalytic research. However at this conference Adi Shamir (the "S" in RSA Security that stands for Rivest, Shamir and Adleman and that is now owned by EMC) gave a presentation for a new attack on encryption systems called the "cube attack". The ramifications of this attack sent a collective shockwave across the data security sector. Since encryption is revered as our best alternative and last safe harbor from data exposure, any weakness shown by encryption algorithms can have a dramatic ripple effect in data security. (read more)

When you really look into the data that your organization is archiving, there is usually a good reason for the business to retain that data, otherwise why would it be archived at all? Placing that data on a system designed and built from the ground up to be an archival repository is probably a really good idea. (read more)

Anecdotal evidence gathered by DCIG suggests that 50 percent or more of all companies deploying disk-based storage systems in multiple sites as backup targets are also opting to purchase replication software that replicates data between sites for enhanced data protection. For many companies, this purchase may represent their first foray into replication of any kind. As a result, it's not surprising that many are unprepared for the types of questions to ask when selecting replication software or what to expect from the accompanying management software. (read more)

In Asigra's recent release of Televaulting 8.0 data security remains at the forefront with their use of the AES encryption algorithm to encrypt data while in transmission across the network; or at rest in its DS-System or BLM Archiver. Televaulting's approach to encryption key management provides several options in how to best approach encryption key management. Televaulting 8.0 gives users and service providers several key ways to protect data from unauthorized exposure. (read more)

Our understanding of LTO-4 tape drive encryption is that individual tape drive vendors may encrypt data in different manners. We cautioned that if you have not standardized on an LTO-4 tape drive vendor, an LTO-4 tape cartridge encrypted by one vendor's drive may not be readable on another's LTO-4 tape drive. Our specific quote was "So even if all your tape drives are LTO-4, if they are from different vendors, an LTO tape encrypted by one tape drive may not work in another." (read more)

Imagine this scenario, you are sitting in your office enjoying your morning coffee when you are called into an emergency meeting and told that a backup tape containing customer's personally identifiable information has been lost. How you react to this revelation is obviously based on what steps, if any, you have previously taken to protect the customer information of your company's clients. So do you calmly notify everyone that all backup tapes are encrypted and thus customer information is safe and your company is not at risk? Or do you start checking websites to find out what the criminal and financial penalties are for storing unencrypted customer information on tape? (read more)

In a previous blog entry we discussed different technologies available to encrypt backup tapes and the unlimited liabilities associated with the breach of an unencrypted backup tape. Making sure the data on that tape is encrypted, however, is not an automatic cure-all. After all, encryption is only as strong as your key management and, in some states, encrypting backup tapes is no longer enough to protect your company from future risks. (read more)

Even if you do not closely monitor the data storage space, chances are still above average that you have seen headlines about BNY Mellon Bank losing unencrypted backup tapes and the ensuing media storm that surrounded this disaster. Since that loss occurred, the aftermath has expanded to affect clients from two other banks. Data losses can occur for any reason. They could be the work of a well-disciplined, external network attack or simply stumbling corporate negligence. In either case, it is unfortunately customers who suffer most as their personal information is compromised. (read more)

Today and tomorrow I am putting on both my reporter and analyst hats. Living in Omaha, NE, I am only a hop, skip and jump away from Minneapolis, MN, so I took the opportunity to drive up here to attend Compellent's annual C-Drive user conference that runs from May 6 - May 8 and do some live, on-site blogging about my experiences while I am here. Already a few notable items to report from last night's customer reception and this morning's opening presentation. (read more)

The more pressing question is not which method should companies choose to encrypt data but, "How do companies generate and manage the encryption keys that are used to encrypt and decrypt the data?" The obstacle here is that there is no industry standard way to generate or manage encryption keys long term. (read more)