LTO-4 tape drives, the newest incarnation of the LTO format, introduced users to drive-level encryption capabilities and doubled the capacity and speed of the previous LTO generation.
But users haven't wholly embraced LTO-4's encryption capabilities. In a recent Storage survey, 15% of respondents cited native encryption as their reason for upgrading to LTO-4 tape and more than a third of those using LTO-4 weren't employing the encryption. Several respondents cited concerns over key management and worries about backup software vendors not supporting encryption features.
Ray Littlefield, storage administrator at Conservation International, an Arlington, VA-based nonprofit environmental group, is considering LTO-4 drives as an upgrade from his current LTO-2 setup. Encryption is enticing to Littlefield, and the main reason he's mulling over the update. "Encryption is like a rider on the insurance policy that says 'insurance against data theft too,'" writes Littlefield in an email. However, he adds, "the key consideration is whether the technology will be around three to five years from now so that the equipment will still be available if you need to restore those encrypted tapes."
Richard Tocci, technical support lead at AMS Services, which makes insurance agency automation software, doesn't yet have the backup needs to upgrade to LTO-4, but worries about the long-term availability of encrypted data. "What mostly concerns me is loss of the passphrase," he writes in an email, "or having to restore emergency data from a device where the tape is locked down by encryption."
Managing tape encryption might be as simple as remembering where you put your keys. Cindy Grossman, VP of tape storage solutions at IBM, thinks effective key management is what users encrypting data need to focus on. According to IBM's Grossman, it's all about keeping track of the keystore, the unique identifying information that lets users access data after it's been encrypted.
IBM, one of the members of the LTO Consortium, started shipping its LTO-4s last April. "We've been working with clients to help demystify the scariness of 'What if I lose a key?'" says Grossman. "It's really more a fear of the unknown." IBM's consulting service usually asks LTO-4 customers to decide how many keys they'll need, who will have key access and manage keys, and whether they will re-key periodically--essentially the same as changing a password regularly.
Grossman says some clients worry that they'll have to rewrite all of their existing data on encrypted tapes, a scenario she says isn't realistic. "The best practice is to encrypt going forward," she says.
Keeping track of the key is the core ingredient to unlocking encrypted data after a disaster. That's assuming AES-256 encryption stays the same, standards don't change, and LTO "write backward one generation, read backward two generations" rules are followed.
Grossman thinks LTO-4's encryption chip will become commonplace for all disk and tape drives. Managing the key-based encryption is where more development will happen. "That's the piece that's going to evolve to be a little more sophisticated over time," she says. "I think we will see the whole key management piece becoming more automated, perhaps more policy based.
"Maybe in three or four years, maybe longer, we'll have more customers that encrypt than don't," she continues. "I think we're still in an evolution process of clients trying to decide how they're going to do it."
Fears over lost data and the accompanying PR continue to haunt businesses and drive encryption. "We don't want to be the next organization listed in the newspaper as having their backup tapes lost or stolen without being encrypted," writes Conservation International's Littlefield. "Data theft is just another type of disaster you're trying to protect against."