Storage Management Strategies for the CIO
This article can also be found in the Premium Editorial Download "Storage magazine: Upgrade path bumpy for major backup app."
Download it now to read this article plus other related content.
Why all the fuss?
Key management might seem like any other administrative function that accompanies a new IT technology. But encryption is evolving from an esoteric technology used by government agencies to a mainstream computing reality. By 2008, encryption is likely to be standard fare on every enterprise tape drive. In a few years, when encryption technology is all over the storage infrastructure, key management will become a very big deal because of the following:
Key management will become a major burden. Enterprises migrated from DAS to SANs largely because managing dozens of individual disk subsystems was an operational challenge. The same pattern will happen if CIOs bring in encryption technologies willy-nilly.
The encryption key security chain is only as strong as its weakest link. One unprotected key management system can unlock confidential data. The more key management systems there are, the more likely it is that this will happen.
Disaster recovery could be a nightmare. It's hard enough to restore multitiered business apps; imagine the added encumbrance of having to restore numerous key management servers before any data is available. What's more, disaster recovery could come to a screeching halt if one key management server is corrupted or its keys are lost.
Added security and encryption is a must-have, and key management woes can't slow down progress or place the business at risk. This is where centralized
Requires Free Membership to View
key management services come into play, and there are already a few vendors with product offerings. Given the critical function of key management, expect lots of other vendors to jump into the pool within the next 12 to 18 months.
Bottom line
No one expects storage professionals to become instant security gurus or cryptologists, but it's no longer acceptable to ignore the issue. Moving forward, encryption basics are an absolutely essential skill for storage professionals. In this pursuit of knowledge, avoid the mathematical details and focus on the critical topic of key management.
This was first published in September 2006
Join the conversationComment
Share
Comments
Results
Contribute to the conversation