This article can also be found in the Premium Editorial Download "Storage magazine: What you need to know about data storage provisioning."
Download it now to read this article plus other related content.
Encryption is an effective way to secure data, but the encryption keys used must be carefully managed to ensure data remains protected and accessible when needed.
Encryption is pushing its way into more corners of the enterprise. From database fields for customer credit cards or social security numbers, to laptop hard drives with proprietary data, more storage is being encrypted more frequently. Every encrypted item needs a key to unlock the encrypted data, and managing the hundreds or thousands of keys used across an enterprise can be a big headache.
The specter of data loss is the biggest reason why encryption isn't implemented more widely. Most experienced system administrators are conservative when it comes to new technologies that could potentially lock them out of their own data. On the other hand, business requirements, legislation and liability for lost data are driving encryption forward. For the moment, centrally and securely managing encryption of all of the various types of data across the whole enterprise is only a dream--unless you use the same vendor for all of your encryption tasks.
Many vendors are pushing for a single encryption-key management standard. Decru Inc., nCipher Corp. Ltd., NeoScale Systems Inc. and Vormetric Inc. all have, or will shortly have, open platforms that should be able to manage keys from other vendors. All of these systems control key access, even if the storage systems are compromised and the keys
This was first published in October 2006