This article can also be found in the Premium Editorial Download "Storage magazine: Upgrade path bumpy for major backup app."
Download it now to read this article plus other related content.
Why all the fuss?
Key management might seem like any other administrative function that accompanies a new IT technology. But encryption is evolving from an esoteric technology used by government agencies to a mainstream computing reality. By 2008, encryption is likely to be standard fare on every enterprise tape drive. In a few years, when encryption technology is all over the storage infrastructure, key management will become a very big deal because of the following:
Key management will become a major burden. Enterprises migrated from DAS to SANs largely because managing dozens of individual disk subsystems was an operational challenge. The same pattern will happen if CIOs bring in encryption technologies willy-nilly.
The encryption key security chain is only as strong as its weakest link. One unprotected key management system can unlock confidential data. The more key management systems there are, the more likely it is that this will happen.
Disaster recovery could be a nightmare. It's hard enough to restore multitiered business apps; imagine the added encumbrance of having to restore numerous key management servers before any data is available. What's more, disaster recovery could come to a screeching halt if one key management server is corrupted or its keys are lost.
Added security and encryption is a must-have, and key management woes can't slow down progress or place the business at risk. This is where centralized
No one expects storage professionals to become instant security gurus or cryptologists, but it's no longer acceptable to ignore the issue. Moving forward, encryption basics are an absolutely essential skill for storage professionals. In this pursuit of knowledge, avoid the mathematical details and focus on the critical topic of key management.
This was first published in September 2006