Can you explain the various ways which are available to perform backup tape encryption today?
There are a lot of ways to encrypt tape. Data-level encryption involves encryption of data before it is backed up to tape. This can be done as a function of most file systems today. You also have encryption tools in backup software which encrypt the backup container -- the file folder, if you will -- that holds backup data. A third approach is to use hardware-based encryption, which is available as an option on most tape libraries today. And there is media/drive-level encryption.
With LTO 4, vendors claimed that media encryption (AES-GCM) complied with Federal Information Processing Standards for Level 2 or Level 3 secure data centers. If you used LTO 4, and sought to obtain legal certification using FIPS rules, all you needed to do was turn on native LTO 4 encryption. That wasn’t true. At this point, it may seem like much ado about nothing, but it is worth checking to see what kind of backup tape encryption will satisfy the characterization of your tape practice against the backdrop of differing data center security standards.
Dig Deeper on Tape backup and tape libraries
Related Q&A from Jon Toigo
Parallel computing technology has not seen widespread use in the business world, but could that change? Jon Toigo discusses parallel I/O for ...continue reading
Software-defined storage architecture can be implemented in several different forms that all expose software functionality to hardware across an ...continue reading
Flash wear is an important concern in VMware and Hyper-V environments because features such as caching and deduplication can negatively impact ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.