Now that we have DAT tapes capable of holding 8G and cartridge tapes capable of holding 20G, it's quite possible for an intruder to visit a corporate headquarters and walk out five minutes later with the entire corporate memory in his top pocket. Yet, companies that are terrified to connect to the Internet and which erect firewalls and other sophisticated security systems will happily leave 20G backup tapes sitting in tape drives, or lying around on people's desks. If data confidentiality is an issue in your organization, then you should take steps to ensure that your backup tapes are secure. Remember that if so much as a single backup tape goes missing, a competitor could have obtained an enormous amount of corporate intelligence. Just think of all the email, for a start! Here are some approaches to solving this problem: Track all tapes: Create an inventory of all "live" backup tapes in your organization. Give each tape a number and keep track of them at all times. Ensure that if a tape goes missing, even for a short time, that its absence will be detected. Physical security: Allocate a locked metal cupboard at your onsite and offsite backup locations to hold backup tapes. Control access to the keys. If possible, control access to the tape drive so that a backup tape cannot be stolen from the tape drive early one morning after a backup has taken place. Encryption: Encrypt all backup tapes so that if one is stolen, it is essentially useless. If a tape does go missing, immediately destroy all records of the encryption key and choose a new key. This will ensure that the key is not then obtained by whoever stole the tape. The exact means that you use to secure your backup tapes will depend on your situation. The important thing is to be aware of how important it is to secure such high-volume tapes.
Copyright © Ross Williams 1997. All rights reserved. |