This article can also be found in the Premium Editorial Download "Storage magazine: What you need to know about data storage provisioning."
Why not encrypt?
So far, everything sounds rosy. We pick a location for encryption, plug in a device and our data is protected. But it's not quite that easy. Encryption is only as good as the access control around it, and you can wind up locking yourself out as easily as the bad guys.
First, it's easy to lock the doors and open the windows. By encrypting data "down the stack," we create a new vulnerability. An encrypting file system won't protect data from an intruder logged into the server; they can see unencrypted data as long as they're logged into the right account. Many exploits use a trusted application to enter a system: if your Web server software can see your data, so can any worm that infects it.
We also need to make sure that we don't lock ourselves out of the house. You can easily do this if you have too many locks that need their own keys. On the flip side, too few keys can be a problem, as well. Remember the legend of there being only eight Volkswagen Beetle keys? Supposedly, owners were often able to get into the wrong car and start it up. We therefore need to make sure that each data domain is encrypted with a separate key without having to deal with thousands of keys.
The trick is key management, an area on which more vendors are focusing their efforts. NeoScale, a leading maker of encryption appliances, recently introduced a specialized key management appliance called CryptoStor KeyVault (see "
There's one big problem with encrypting data through a network, however. Encryption protects data from all types of examination, including the kind done by all of the other hot storage networking products. Want to do compression, deduplication, virtualization, advanced routing or archiving? Each of these features requires inspection of the data, and encryption can prevent them from functioning.
Let's start with compression. Lots of folks want to encrypt backup tapes, but many more are currently compressing that data. Compression generally works by replacing repeating patterns in the data with smaller placeholders. But encryption, by design, eliminates these commonalities. Run your backup stream through an encryption appliance and the result is uncompressible. In fact, it might even expand a little, according to one vendor I spoke with.
The same holds true for other technologies. Deduplication will find no duplication. Thin provisioning might think all the space is used. Anything that tries to examine the data stream will simply fail. The choices at this point are to have encryption of data in movement and no other features, to limit encryption to data at rest (after the others have had their say with the data) or to skip encryption entirely. Combine this headache with key management challenges, and most users decide to just skip it. In fact, a recent survey of GlassHouse customers revealed that just 20% of them encrypt backup data and even fewer encrypt storage on disk.
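The compression and deduplication effects described above, shown with a small added example (not code from the article or any vendor product). It uses a constructed, repetitive backup stream, a constructed test key, and an HMAC-SHA256 counter-mode keystream as a stand-in for a real block cipher so it runs on the Python standard library alone; the property it relies on, that ciphertext looks random, is the same one the article describes.

```python
import hashlib
import hmac
import zlib

# Constructed sample "backup stream": eight identical 4096-byte pages of
# repetitive log text, the kind of redundancy compression and dedup exploit.
PAGE = (b"2006-10-01 host=db01 status=OK bytes=4096\n" * 97).ljust(4096, b"\0")
BACKUP_STREAM = PAGE * 8
KEY = hashlib.sha256(b"constructed-demo-key").digest()  # test key, not for real use

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256: a stand-in for a block cipher in
    CTR mode. All the demo needs is that the output is pseudorandom."""
    out, ctr = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:length])

def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    return bytes(p ^ k for p, k in zip(data, keystream(key, nonce, len(data))))

def compression_ratio(data: bytes) -> float:
    """Compressed size / original size; below 1.0 means compression helped."""
    return len(zlib.compress(data, 9)) / len(data)

def order_matters(key: bytes, nonce: bytes, data: bytes) -> tuple:
    """Output sizes for compress-then-encrypt vs. encrypt-then-compress."""
    compress_first = len(encrypt(key, nonce, zlib.compress(data, 9)))
    encrypt_first = len(zlib.compress(encrypt(key, nonce, data), 9))
    return compress_first, encrypt_first

def unique_blocks(blocks) -> int:
    """Content-addressed dedup: how many distinct blocks a dedup engine keeps."""
    return len({hashlib.sha256(b).digest() for b in blocks})

def dedup_before_and_after(key: bytes, data: bytes, size: int = 4096) -> tuple:
    """Unique-block count on plaintext vs. on the same blocks encrypted with a
    distinct nonce per block, as an in-line appliance must do to be secure."""
    blocks = [data[i:i + size] for i in range(0, len(data), size)]
    enc = [encrypt(key, i.to_bytes(8, "big"), b) for i, b in enumerate(blocks)]
    return unique_blocks(blocks), unique_blocks(enc)

if __name__ == "__main__":
    ct = encrypt(KEY, b"nonce001", BACKUP_STREAM)
    print("plaintext ratio :", round(compression_ratio(BACKUP_STREAM), 4))
    print("ciphertext ratio:", round(compression_ratio(ct), 4))
    print("compress-first vs encrypt-first bytes:", order_matters(KEY, b"nonce001", BACKUP_STREAM))
    print("unique blocks plaintext vs encrypted :", dedup_before_and_after(KEY, BACKUP_STREAM))
```

The plaintext compresses to a few hundred bytes, the ciphertext comes out slightly larger than it went in, and eight identical pages become eight distinct blocks once encrypted, which is why compression and dedup have to run before an encryption appliance, not after it.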
This was first published in October 2006