However, you needn't look hard to find highly publicized examples of lost tapes and hacked files that led to expensive legal problems. Encryption is one means of protecting data against such loss: even if a tape is lost or a server is hacked, the sensitive data on it cannot be read. Encryption can also help meet growing regulatory requirements for data protection.
This Buying Guide covers the major factors involved in evaluating encryption products. Each chapter in the guide will offer a set of buying points and product specifications that can help readers identify prospective new encryption products in tape drives, software and dedicated appliances. The first thing to do is to identify the main concerns related to encryption.
Determine exactly which data needs to be encrypted. Not all data needs to be encrypted -- only personally identifiable information (names with birth dates and social security numbers), or other sensitive information types delineated by industry standards, government regulations or common business practices. Reducing the encryption load can ease any impact on backup performance or media utilization. IT should not make this decision in a vacuum; each major department of the company should be involved. A good time to discuss the need for encryption is when setting retention policies for each file type.
Decide where to encrypt. Encryption can be implemented within a specific application, such as Oracle, at the point where data is saved, though that encrypts data for that application only. The broader form of "source" encryption takes place at the backup server through backup software such as EMC Corp.'s Legato, Symantec Corp.'s Veritas NetBackup or IBM's Tivoli Storage Manager. Both types of "source" encryption can impair a server's performance, since encryption is CPU-intensive.
Data can also be encrypted at the media itself. For example, LTO-4 tape drives incorporate AES 256-bit encryption. This eases any performance impact on backup jobs, and provides protected tapes that can be sent offsite.
Finally, data can be encrypted in-flight using a dedicated security appliance such as Decru's DataFort, the StrongBox TapeSentry from Crossroads Systems Inc. or the CryptoStor family from NeoScale Systems Inc. While dedicated appliances can be more expensive than software-only solutions, they typically offer superior performance by encrypting and decrypting data at line speed -- imposing little (if any) performance penalty.
Determine the impact of encryption on compression. Compression works by removing redundant elements of information from a data stream. Encryption, however, produces output that looks like random data, removing the redundancy that compression relies on. If you encrypt before compressing, the compression feature in your drives or backup software has nothing left to work with. You then need more media to complete the backup, or more time to transfer it across the wire.
Increased media requirements will raise the cost and maintenance burden of any backup process. Reducing the amount of data that is encrypted (e.g., encrypting only selected data) can mitigate this issue, but ordering the process so that compression happens before encryption also helps.
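To make the ordering point concrete, here is an added example (not from the original guide) that measures the output size of compress-then-encrypt against encrypt-then-compress on a constructed, highly redundant backup-like stream. The keystream cipher is an assumption: a standard-library stand-in for the drive's AES-256 whose output is likewise indistinguishable from random bytes.

```python
import hashlib
import os
import zlib


def keystream_cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for the tape drive's AES-256 (assumption, for a stdlib-only demo):
    a SHA-256 counter-mode keystream XORed over the data. Like AES, its output
    has no exploitable redundancy, which is exactly what defeats compression.
    Applying it twice with the same key and nonce decrypts."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def compress_then_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # The order the guide recommends: squeeze out redundancy first, then encrypt.
    return keystream_cipher(key, nonce, zlib.compress(data, 9))


def encrypt_then_compress(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # The order the guide warns against: the compressor sees random-looking bytes.
    return zlib.compress(keystream_cipher(key, nonce, data), 9)


def size_report(data: bytes, key: bytes, nonce: bytes) -> dict:
    """Return the byte counts a storage administrator would compare."""
    return {
        "plain": len(data),
        "compressed_only": len(zlib.compress(data, 9)),
        "compress_then_encrypt": len(compress_then_encrypt(key, nonce, data)),
        "encrypt_then_compress": len(encrypt_then_compress(key, nonce, data)),
    }


# Constructed sample: 2000 repetitive backup-log lines, the kind of redundancy
# a tape drive's hardware compression normally removes.
SAMPLE_BACKUP = b"".join(
    b"2007-09-01 02:%02d:00 backup job=nightly host=db%02d status=OK\n" % (i % 60, i % 4)
    for i in range(2000)
)

if __name__ == "__main__":
    for name, size in size_report(SAMPLE_BACKUP, os.urandom(32), os.urandom(16)).items():
        print(f"{name:>22}: {size} bytes")
```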
Encryption can affect performance. Encryption is a mathematical process, and when implemented in software, can demand significant processing power from the host server. This, in turn, can affect performance. The penalty for software-based encryption products can reach 40-50%, depending on the type of encryption and the files being protected. (By comparison, a dedicated hardware encryption box might impair performance by 10% or less.)
This performance hit means that encrypted backups and remote data transfers take longer to process, posing a dilemma for storage administrators who already struggle with bloated backup windows and WAN bandwidth limitations. Most storage professionals resolve this quandary by encrypting only the most sensitive data.
Weigh the implications of encryption key management. All encryption requires the use of a unique "key," which seeds the encryption algorithm. The same key is needed to decrypt the data later on, when files are read from tapes or disks; without it, the encrypted data is unreadable. Companies must impose strict controls and policies (such as "key quorums") to ensure that the only people with access to the key are the responsible storage professionals.
This was first published in September 2007