Encrypting Backup Data is Not Just for Online Backup

I have noticed that when data encryption is mentioned about backup data, it is almost always in the context of online backup. It is quite obvious that backup data needs to be encrypted when it is transmitted over a network. But it doesn't seem to be so obvious that a tape with the same backup data needs to be encrypted when it is stored offsite. I am quite sure that the backup tape is the bigger risk. There have been many more security breaches involving lost and mishandled backup tapes than breaches involving online backup.

Every online backup service that I am aware of encrypts backup data during transmission and most of them store the data in encrypted form. Some backup services are more secure than others, and few online backup services do an excellent job of securing data.

Most modern tape backup systems also provide encryption technology, but the encryption is not used in the majority of cases. I think there are two reasons for this: 1) some don't think encryption is needed for tapes, and 2) some IT operations just haven't updated their processes yet. As for the first reason; a tape being handed over to courier that makes stops all over town before delivering your tape to a storage location, is at least as vulnerable as data being transmitted over the Internet. For the IT shops that haven't updated their procedures; all it takes is to designate an IT professional as responsible for implementing the encryption that is already part of the backup software. There is a relatively minor upfront cost in terms of someone's time to get the encryption turned on, tested, and procedures documented, but after the initial hit, there is no additional cost.

Even if backup media is not being stored offsite, it should be encrypted. How many times have you heard about a diskette, hard-drive, or tape being lost or stolen that contains sensitive information. Encryption is for every backup job. Don't wait until sensitive data is compromised.

1 comment:

iDeals said...

Nowadays, many cloud storage vendors are using advance data encryption techniques, antivirus scanning procedures, data backup techniques, and other security solutions that a personal computing environment cannot offer. By keeping important data in the cloud, you can save it from all the major threats such as environmental threats, unauthorized users, technical failures and malicious software.