Is encryption enough?


This article can also be found in the Premium Editorial Download "Storage magazine: What to do when storage capacity keeps growing."

Download it now to read this article plus other related content.

Encryption plays a role in securing stored data, but it's not necessarily a storage decision. "Encryption really is a function of the content--there are internal and external factors to consider, compliance issues [and] questions about where to do encryption," says Budnik. "It's really a corporate decision." He suggests some alternatives to storage encryption: "Is it possible to insist that the application vendor encrypt the proper fields? Maybe the database vendor or the enterprise resource planning vendor should provide utilities to encrypt certain fields and columns."

Encryption is good only if you have good authentication to begin with, adds GlassHouse's Preston. "The core security problem with SANs is not encryption, but the lack of proper authentication," he says.

"We aren't advising customers to encrypt their data generally," says Datalink's Robinson. "They should encrypt selected data going offsite and, over the next 12 to 18 months, they may want to begin to encrypt certain data sets, such as financial or customer data."

VeriCenter does a limited amount of encryption when customers insist. "Encryption slows down backup and key management is difficult," says the firm's Granger "Still, a few customers encrypt at the database level."

Industry analysts and consultants see three major obstacles to widespread storage encryption at this point: cost, latency and key management. As for cost, encryption

Requires Free Membership to View

is expensive. "I have seen enterprises that spent $1 million on storage encryption appliances," says Preston.

In terms of latency, encryption is CPU-intensive. Even with fast, dedicated processors offloading the task, it entails another step when storing and retrieving the data.

Key management is both risky and costly. The risk lies in the potential to lose keys, which will render the encrypted data useless. "Key management also increases costs because it requires more administration," says consultant Gill.

This was first published in June 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: