290 likes | 608 Views
Stay Away From the USA Today Smart options for safeguarding stored data W. Curtis Preston V.P. Data Protection GlassHouse Technologies Before I go into my presentation let’s talk about a quick poll: Do you have documented security procedures in place for your storage infrastructure?
E N D
Stay Away From the USA Today Smart options for safeguarding stored data W. Curtis Preston V.P. Data Protection GlassHouse Technologies
Before I go into my presentation let’s talk about a quick poll: Do you have documented security procedures in place for your storage infrastructure? A) Yes B) No
And let’s ask one more question: Which of the following statements do you more strongly agree with? A) Off-line media poses the most serious threat to stored data B) Online information poses the most serious threat to stored data
Agenda • The Business Case for Security • Data Security Basics • Encryption Basics • Backup Encryption Options • Summary
The Business Case for Security • By design, backup is a plain-text application – to facilitate restores • All plain-text backup tapes are readable by black hats if they possess (and know how to use) the appropriate hardware and software • Backup tapes are handled by humans, and humans make mistakes • California SB 1386 (& future fed. law) requires written notification of exposures to customers. If not possible, it requires posting to web site and notification of media • Huge PR loss & potential loss of I.P.
The Business Case for Encryption • Multiple instances of tape loss and media notification in 2005 • Estimated notification cost of $5 per customer – higher cost per lost customer • The question for most companies is simple: “How much would you pay not to be on the cover of USA Today?”
Security Basics Information should be valid, and should be viewed only by those who need to see it • AuthenticationAre you who you say you are? • AuthorizationAre you allowed to see the data? • IntegrityIs the data you’re seeing what it is supposed to be? • EncryptionIf you’re not authorized or authenticated, you see gibberish • AuditLet’s check once in a while to make sure it’s all working
Quick poll before we get into the encryption basics: Are you currently encrypting your backup data? • A) Yes • B) No
What are you most concerned about? A) Losing private customer information B) Losing your company's intellectual property
What’s motivating you to research storage security solutions? A) Compliance B) Recent headlines C) A recent data loss D) Something else
Encryption Basics • It’s simply “reorganized” plain text • Plain text • SECURITY • Same text, encrypted • “19 5 3 21 18 9 20 25”
Private Key Encryption • Same key encrypts & decrypts • Also known as symmetric encryption • Example: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 • “S E C U R I T Y” becomes • “19 5 3 21 18 9 20 25” • Very fast, but must exchange keys • Used for bulk encryption
Public Key Encryption • Two keys, can encrypt with either, but must decrypt with the other key • Also known as asymmetric encryption • “Send me data with this key, and only I can decrypt it.” • Much slower than private key method • Often used to send private key • Used for authentication
Challenges & Risks • Biggest risk: unreadable backups • If you “lose the keys” • If the encryption product breaks • Challenges: Balance between usability & security • Give a copy of your house key to everyone you know (Anyone can get in your house, but so can you.) • Make one copy of your house key and put it in a combination safe (Only you can get in, but forget the combination & you are out of luck.)
Encryption Implementation Choices • Source encryption • Backup software encryption • In-line hardware encryption
Source Encryption • Encrypt the data in place where it originally resides • Features • Application encryption • File system encryption • Host-based applications • Solves the problem at the source • Does not slow down the backup • Costs • Often free with application (e.g. Oracle) • Multiple keys and key systems to manage, management costs will be high • Challenges • Can slow down primary application, not just backups • Risks • Many keys to lose • Summary: Best for small pieces of really sensitive data
Backup Software Encryption • Encrypt the data when it is backed up using backup software application • Applies to both backup software & electronic vaulting products • Features • Can encrypt data while transmitted and when stored • Costs • Inexpensive to implement for single systems (often <$500 per system), but per-system licenses add up • Challenges • Slows down backups and recoveries as much as 50% • Loss of compression • Usually single key systems: changing keys can render old backups unreadable • Risks • Rogue admin can read old backups, one key to lose • Summary: Best for encrypting small amounts of sensitive backup data
In-line Hardware Encryption • Encrypt data going to tape using an appliance installed in the data path (i.e. in-line) • Features • Appliance installed between backup server and tape drive • Appliances encrypt at line speed, invisible to backup app and tape drives • Private key for encryption, public key for authentication, allowing for • Key changes • Key quorums • Costs • Most expensive base price ($25K+) per unit, and large organizations probably need multiple units • Challenges • Could set quorum too high and not be able to read your data • Risks • All startup companies (although Decru now owned by NetApp) • Summary: Only choice for large volume encrypted backup
DR Considerations • Source Encryption • Does not affect recovery, need keys to oper. • Backup Software Encryption • Need key to recover. Loss of key=loss of data • In-line Hardware Encryption • Need an appliance and a quorum of keys to recover. Can use s/w version, but slower.
Should anyone not encrypt? • It is now possible to encrypt all backups • Cost of implementing encryption is relative to size of company & data value • Cost & risk of not encrypting is now much greater than encrypting • Translation: All off-site, cyclical backups should be encrypted • Don’t encrypt long-term archives/backups yet. Long-term risks still unknown.
Summary • Hardware encryption has highest initial cost, but is the easiest to implement and maintain, and should be invisible to all applications • Other methods may be less expensive to buy and maintain if customer is only encrypting data containing personal information
Vendors • Source Encryption • Microsoft (EFS), Oracle, Vormetric • Backup Software Encryption • All major backup software vendors (IBM, Symantec, EMC) • All electronic vaulting products (Asigra, Avamar, Connected, E-Vault, LiveVault) • In-line Hardware Encryption • Decru, Neoscale
So now that we’ve talked about security and encryption, lets take one more poll. What grade would you give your storage department for security readiness? A) Good B) Fair C) Poor D) Do not know