In a previous blog entry we discussed different technologies available to encrypt backup tapes and the unlimited liabilities associated with the breach of an unencrypted backup tape. Making sure the data on that tape is encrypted, however, is not an automatic cure-all. After all, encryption is only as strong as your key management and, in some states, encrypting backup tapes is no longer enough to protect your company from future risks. In these circumstances, proper key management needs to become a critical part of any data protection strategy or you will still face the lawsuits and public scrutiny you sought to avoid by deciding to encrypt the data in the first place.
Many states continue to expand their data breach legislation and most new state laws mandate customer notification if a data breach occurs. Many times companies are exempt if they have deployed tape encryption as liability protection against data loss, but that is not always enough. Some states, such as Pennsylvania, mandate proper key management as well as encryption to provide “safe harbor.” So, from a liability standpoint, proper key management can be as important as the encryption itself. From a data protection standpoint, your encryption keys need to be protected as much as your most important data.
Since IEEE Standard 1619.3 relating to key management is still in development, the onus remains on every company to develop its own key management initiative. As a result, it is more important than ever to research all potential solutions thoroughly to find the one that best fits your environment. If you have not yet standardized on a tape backup solution, such as Overland Storage‘s NEO SERIES tape library family, your tape encryption system will almost always face interoperability issues (interoperability between tape solutions and key management systems is needed to decrypt data so it remains accessible and usable in the short and long term).
No matter which encryption solution you choose, it needs to generate, distribute and store encryption keys in a secure manner. The National Institute of Standards and Technology (NIST) has developed recommendations for a better key management system. Suggestions include:
- Make a backup of your encryption keys and ensure any changes to the keys are backed up
- Ensure encryption keys are recoverable in the event of a disaster and are part of your disaster recovery plan
- Practice good physical and logical access controls around your encryption keys. Ensure that only authorized personnel have access to them
- Make sure compromised keys are locked out or destroyed
Any encryption key management system is only as secure as its key controls. So remember: protect your encryption keys as you would your most important data. Although there are several ways to encrypt data, whether it is LTO-4 drive-based encryption, software-based encryption or with an encryption appliance, encryption key management should be a primary consideration in any decision making.
Once data is encrypted, you must have the key to unlock it. Without proper key management, you run the risk of rendering the very data you were trying to protect unusable. Until a key management standard is in place and vendors make interoperability between tape systems a reality, take a careful look at any key management solution as a crucial part of your overall data protection strategy. The recoverability of your data and possibly the future of your company may depend upon it.