Customer problem

Virtual Tape Library (VTL) has gained rapid adoption among organizations looking to lower-cost, disk-based technologies to solve their backup problems. Users value VTL's ease of implementation, ability to integrate with existing tape backup infrastructures and ability to allow users to recover data rapidly and inexpensively.

 

As organizations deploy these additional storage tiers, however, they introduce new vulnerabilities to data that require protection. These vulnerabilities include:

• Centralized backup facilities that give unscrupulous employees or service contractors the opportunity to access confidential financial information, employee data, development plans or other intellectual property that is critical to a business. These vulnerabilities occur without needing access to the actual database, email, application or file server, or disk storage systems.
• Physical access that allows an administrator to install an unauthorized backup server and restore sensitive data to an unauthorized location. IT administrators with the proper physical access credentials can install an unauthorized backup from a VTL system and access any data they desire. For many organizations, this vulnerability alone is a violation of data privacy legislation and industry standards.
• Low cost SATA disk drives that are much more prone to failure may report "false positive" failure states and are returned to vendors or disposed of without regard to the sensitive data stored on them. Once out of the control of IT, that data is open for misuse by anyone with access to such drives.

 

 

SecureVTL solution overview

To effectively and affordably mitigate the possibility of litigation, loss of reputation, and penalties from regulation non-compliance, CipherMax provides its enterprise-class SecureVTL solution designed to protect local or remote VTL backup data from unauthorized access.

The solutions combine CipherMax's enterprise data encryption systems with any commercial VTL system. The solutions also interoperate with any existing Fibre Channel SAN fabric and any FC switch-capable disk storage array. The solution results in no performance degradation and provides a transparent solution to the end user. No changes in operation are required.

 

Solution highlights

The implementation of the SecureVTL solution with generic disk arrays, VTL systems and CipherMax hardware and software demonstrates the feasibility and affordability of encrypting all archived data in an environment. The flexibility and versatility of the solution allows for adaptability to each environment and architecture as part of a layered security approach.

Solution highlights include:

• Deployability in disk-to-disk or disk-to-disk-to-tape configurations.
• Transparent integration into heterogeneous backup SAN configurations, including backup server hardware platform, OS, application and FC HBA vendor or model.
• Interoperability with any VTL system software/hardware combination and any switch fabric capable disk storage array.
• Scalable, affordable, reliable AES-256 encryption.