Five questions for evaluating a tape encryption product

Five questions for evaluating a tape encryption product

By Jerome M. Wendt and Joshua Konkle
As you evaluate the different places in your data backup infrastructure where encryption can reside, here's a checklist of some important questions to ask:

Where in the storage infrastructure should you encrypt data?

This is the most fundamental question in selecting an encryption product. Each encryption architecture introduces significantly different considerations. Encryption key generation and management, increased backup windows, Fibre Channel SAN reconfigurations and heightened server overhead are just some of the factors a company needs to consider prior to adding encryption to its backup infrastructure.

How does the encryption software or appliance support key escrow and management for long-term data access and disaster recovery?

Key management is a compelling issue during any recovery, disaster or otherwise. If and when a company is required to recover data years later at its existing facility or during a disaster, it needs to have the keys used to encrypt the data before that data can be recovered.

How much space is required to encrypt the data?

Adding storage space in the form of more tape or disk isn't prohibitively expensive, but with encryption potentially increasing backed up data footprints by 20% or more, controlling the impact of encryption on storage growth is paramount. Compression is almost always part of the encryption process, so ascertain what capacity savings compression will provide and if that offsets the

    Requires Free Membership to View

    Login

    When you register for SearchDataBackup.com, you’ll also receive targeted emails from my team of award-winning editorial writers. Because your job never seems to get any easier, it’s our goal to keep you up-to-date on the latest backup tips, trends and technologies that will help you get the job done.

    Rich Castagna, Editorial Director

    By submitting your registration information to SearchDataBackup.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchDataBackup.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

hit on backup performance and lengthier backup windows.

Is deduplication done prior to encryption?

In the long term, deduplication should offer better performance characteristics than compression, but on the initial pass backup windows can be horrific. Verify how deduplication products generate and manage encryption keys and what options administrators have to change them over time.

What is the likelihood of searching and accessing data after it's encrypted?

If data is encrypted and stored on tape without being indexed first, it's prohibitively expensive to search and index the data later.

This article first appeared in Storage magazine. Click here for the entire article.


This was first published in April 2008

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Back to top