How to keep stored data out of enemy hands

Tapes are especially vulnerable to security breaches because they are inherently portable, often transported off site and contain everything in the enterprise's computers.

What you will learn from this tip: A few ways to safeguard backup tapes.


In February, the Bank of America announced that it had lost backup tapes containing personal data and credit card information on 1.2 million government employees, including United States senators. While there is no evidence that this information has been misused, the simple fact that the loss occurred has created a huge, expensive problem and left the bank with a very black eye.

Once again, the primary lesson is that what's valuable -- and can get you in trouble -- is the data, not the hardware or tapes themselves. When we talk about "securing tape," we are really talking about securing the data on those tapes.

The secondary lesson is that you had better secure your backup and archive tapes, especially if they contain critical data about your business or your customers.

Tapes are especially vulnerable to security breaches because they are inherently portable, often transported off site and, in the case of backup tapes, contain everything in the enterprise's computers. What's worse, because they may not be used again for months or years, they can be gone for a long time before anyone notices -- if anyone ever notices.

There are a number of steps you can take to protect the data on your tapes and ensure that tapes themselves are less of a security risk.

  • Physically secure your tapes.

    Think of those tapes as bags of money and treat them accordingly. Always keep critical tapes under lock and key when they're not being used and transport them in locked containers, perhaps by a messenger who does not have a key to the container.

  • Encrypt your tapes.

    One simple protection is to encrypt your tapes. Encryption can help prevent misuse of the information should the tapes be stolen or otherwise compromised.

    Fortunately, many modern storage management systems and backup software provide encryption as a standard feature. If yours doesn't, consider using a separate encryption package.

    Vendors such as NeoScale Systems and Decru Inc. offer devices that have features such as encryption, key management, compression and digital signatures for tapes.

  • Set security policies for tapes and make sure they're followed.

    Experience shows that people will expose tape to risks that they would never expose a bag of money or a laptop computer to. But losing a bag of money is cheap compared with the cost if critical data on a tape is potentially compromised.

  • Audit your tapes and maintain records.

    The worst case scenario is having your data stolen and not realizing the tape is missing.

    There's an element of CYA here. If things get really, really nasty, it's extremely valuable to be able to document everything that happened to every important tape from the time critical data was recorded on it, until that data was erased or the tape destroyed.

    For more information:

    Tip: When to choose tape

    Topics: Tape backup

    Tip: Tape price hikes looming


    About the author: Rick Cook has been writing about mass storage since the days when the term meant an 80 K floppy disk. The computers he learned on used ferrite cores and magnetic drums. For the last twenty years, he has been a freelance writer specializing in storage and other computer issues.

  • This was first published in April 2005

    Dig deeper on Tape backup and tape libraries

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchSolidStateStorage

    SearchVirtualStorage

    SearchCloudStorage

    SearchDisasterRecovery

    SearchStorage

    SearchITChannel

    Close