Tip

Choosing a tape encryption product

As the fear of public relations nightmares over lost tapes are mounting and compliance requirements around safeguarding personal data are becoming more stringent, many organizations -- notably in the financial sector -- have been looking at various solutions to prevent backup and archive data from ending up in the wrong hands. A growing number of organizations are contemplating disk-to-disk (D2D)

Requires Free Membership to View

backup solutions to work around this issue. They reason that if the data doesn't leave the realms of the IT environment, the risk of losing media containing confidential data is significantly reduced.

However, for different reasons, not all companies are in a hurry to leave tape technology behind. For example, some companies have made significant investments in tape storage and still might be a few years away from replacing tape with disk-only storage. That said, these same companies may still have an immediate requirement to demonstrate that data is secure and unreadable by unauthorized parties once it leaves their sites. This is where encryption at the tape device level comes into play.

At this point, the only two contenders with market-ready tape device level encryption offerings are IBM Corp. with its System Storage TS1120 and System Storage TS1040 drives, and Sun Microsystems Inc.'s StorageTek T10000 tape drive. Quantum Corp. also remarkets IBM drives for some of its libraries. All drives offer similar performance and vary in capacity (see the table below).

Technology Native capacity per cartridge (uncompressed) Native transfer rate
IBM TS1120 (3592) 700 GB 104 MBps
IBM TS1040 (LTO-4) 800 GB 120 MBps
Sun StorageTek T10000 500 GB 120 MBps

There are differences worth noting between the technologies such as pricing; both the Sun StorageTek T10000 and IBM TS1120 were listed in the $30,000 range, while the IBM TS1040 was initially listed in the $20,000 range. The IBM offering is also available in SCSI or SAS-only format (no Fibre) for a little more than $5,000 as the TS2340. Both the StorageTek T10000 and IBM TS1120 drives target the 9840 and 3592 market, which is typically enterprise class. The IBM TS1040 and SCSI/SAS equivalent TS2340 offer a cost-effective alternative for the small and medium-sized business (SMB) space.

Also worth noting are the differences in encryption key management. Sun's StorageTek relies on a Crypto Key Management Station (KMS), which is a chargeable feature and must be installed on a Sun Solaris platform. This is in contrast with IBM's Java-based key management, which can be installed on a Microsoft Windows-based host, and is provided at no extra cost. IBM's key management can also be handled by its Tivoli Storage Manager (TSM) backup software.

One critical aspect of key management common to all options is the need for backups. To that effect, Sun's KMS allows for the creation of a local backup and remote replication to another KMS. IBM's key store can be backed up on the host system, or if managed by TSM, backed up internally though TSM. In any case, it must be noted that key management backups shouldn't be stored on the encrypted media it manages.

About the author: Pierre Dorion is a certified business continuity professional for Mainland Information Systems Inc.


This was first published in February 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.