The prevention of data leaks today is a main concern for most IT administrators. Data leaks expose confidential information of companies, employees, and clients. It can effect credit ratings, press coverage, reputation, fines, and overall business. So it is no wonder that preventing the loss of data is a high priority for IT professionals. One of the main methods for preventing data leaks is through backup encryption. There have been many laws written that protect the identities of consumers and force businesses to be proactive by enforcing fines on violations.
For violations of data loss that was not encrypted, companies are forced to report upon it. Thus, encryption is crucial, not only to remain compliant, but to prevent data leaks from occuring. Businesses today rely on their network infrastructure and most of their data resides on their central server mainframe. Because many companies back up their central mainframes with backup tapes, it goes without saying that there is confidential data on those tapes. This is why encrypting those backup tapes is important to data security. Many companies transport those tapes to offsite locations for disaster recovery purposes. This transport poses a security risk due to the fact that the data leaves the secured server room and is often exposed to the general public during travel. Backup tapes can also touch many hands during the process. Using backup encryption can help protect the data no matter where it is.
As with all data loss prevention, there is always a bit of risk management involved. There is a balance to be looked at between the encryption of confidential data and the overhead cost of implementing it. Data that is not confidential or business critical does not need the same backup encryption levels that other more private information does. It is important to identify what data requires backup encryption and what data does not. Also, data that goes offsite should always be encrypted due to the higher risk. Other files such as operating system files, temporary files, or disaster recovery start-up files do not need encryption applied to them.
It is also important to take a look at older data that resides on tape. Making the move to backup encryption is important. But unlike most upgrades, you can’t just ignore the data that resides on your old backup system or tapes. This data can be just as valuable to theives as your most recent backups. That is why it is paramount to encrypt the data located on all your backup tapes and not just tapes used in the future.
Backup encryption is a key part of your solution to protecting your network’s data. Make no compromises when it comes to data loss prevention.
September 16th, 2008 at 6:52 pm
The additional factor for consideration is managing the encryption itself. If you’re manually managing your certs and keys via spreadsheet, there’s bound to be trouble. See http://www.eweek.com/c/a/Security/How-Does-Your-Enterprise-Manage-Digital-Certificates/
November 20th, 2008 at 1:35 pm
Hi,
Thanks for sharing such a nice information with us!!