Re: [Networker] Encryption

2008-01-12 00:35:58
Subject: Re: [Networker] Encryption
From: Curtis Preston <cpreston AT GLASSHOUSE DOT COM>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Sat, 12 Jan 2008 00:29:22 -0500
Stan said:
>Do you propose that some Joe NetWorker administrator have access to
>his or her organization's security keys? I for one would not want to
>have that level of responsibility. The person who holds the keys
>should be in the data security group, not the backup group. I have

What you're describing is OLD style key management, like that found in
the checkbox feature that NW already has. I would assume that if they
add code to support tape drive encryption management, they will not have
a single-key system that would rely on (or be vulnerable to attack by)
one person. A good key management system never lets you see the actual
key. There would be multiple security admins that would enable/disable
encryption, and the loss of one or more of them would not cripple the
system any more than losing a sysadmin cripples your ability to
administer the box.

For something analogous to this, consider an installation of Unix/Linux
where the root password is periodically set to a random value that
nobody knows. (This is the encryption key in my analogy.) Admins are
put in the sudo group. If you need to do adminy things, you run sudo
and authenticate with your own password. (Any tools that would allow
you to change the root password are disabled or removed. For example,
you can't run "sudo passwd root.") If someone goes rogue, is fired or
quits, you delete their account & delete them out of the sudo group.
Then when you hire the replacement, create their account and add them to
the sudo group -- life goes on. Notice no one ever knows or needs the
root password.

A good key management system would do the same.

---
W. Curtis Preston
Backup Blog @ www.backupcentral.com
VP Data Protection, GlassHouse Technologies 
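The following is an added example, not code from Curtis's post and not anything NetWorker ships. It shows one standard way to get the property he describes (no single person holds the key, and losing one or more custodians does not cripple the system): Shamir's secret sharing over a prime field. A master key is split into shares held by several security admins; any `threshold` of them can reconstruct it, fewer than that learn nothing about it, and when someone leaves, the remaining quorum re-issues fresh shares so the departed admin's old share is worthless. The custodian names, the 32-byte sample key and the prime 2^521 - 1 are all my own choices for illustration; in a real deployment the reconstruction step would run inside the key manager or HSM rather than on an admin's workstation, so that even the quorum never sees the raw key.

```python
# Added example (not from the list post): threshold custody of a master
# key using Shamir's secret sharing, as one realization of the
# "no single person holds the key" model discussed on the list.
import secrets

# Arithmetic is done modulo a Mersenne prime large enough to hold a
# 256-bit key as a single field element (assumption: keys are <= 64 bytes).
PRIME = 2**521 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial with the given coefficients at x over GF(PRIME)."""
    result = 0
    for c in reversed(coeffs):           # Horner's rule
        result = (result * x + c) % PRIME
    return result


def split_key(key: bytes, threshold: int, custodians: list) -> dict:
    """Split `key` into one share per custodian; any `threshold` shares
    reconstruct it. Returns {custodian_name: (x, y)}."""
    secret = int.from_bytes(key, "big")
    if not 0 < threshold <= len(custodians):
        raise ValueError("threshold must be between 1 and the number of custodians")
    if secret >= PRIME:
        raise ValueError("key too large for the field")
    # Random polynomial of degree threshold-1 whose constant term is the key.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    # x-coordinates start at 1; x=0 is the secret itself and is never issued.
    return {name: (i, _eval_poly(coeffs, i))
            for i, name in enumerate(custodians, start=1)}


def reconstruct(shares: list, key_len: int):
    """Lagrange-interpolate the polynomial at x=0 from (x, y) shares.
    Returns the key as bytes, or None if the shares do not combine into a
    key of the expected length (which is what happens with too few shares
    or with shares from different issuances)."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share x-coordinates")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, xj in enumerate(xs):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        # Division in the field is multiplication by the modular inverse.
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    if secret >= 256 ** key_len:
        return None
    return secret.to_bytes(key_len, "big")


def reissue_after_offboarding(quorum_shares: list, key_len: int,
                              threshold: int, new_custodians: list) -> dict:
    """Offboarding step: a quorum of current shares reconstructs the key
    (in a real system this happens inside the key manager, never on a
    workstation) and re-splits it onto a fresh random polynomial for the
    new custodian set. Old shares no longer interpolate with the new ones."""
    key = reconstruct(quorum_shares, key_len)
    if key is None:
        raise ValueError("quorum shares did not reconstruct a valid key")
    return split_key(key, threshold, new_custodians)


if __name__ == "__main__":
    # Constructed sample: a 32-byte master key, 3-of-4 custody.
    master = secrets.token_bytes(32)
    shares = split_key(master, 3, ["alice", "bob", "carol", "dave"])
    assert reconstruct([shares["alice"], shares["bob"], shares["dave"]], 32) == master
    assert reconstruct([shares["alice"], shares["bob"]], 32) != master  # too few
    # Carol leaves; Erin is hired. Remaining quorum re-issues shares.
    fresh = reissue_after_offboarding(
        [shares["alice"], shares["bob"], shares["dave"]], 32, 3,
        ["alice", "bob", "dave", "erin"])
    assert reconstruct([fresh["alice"], fresh["dave"], fresh["erin"]], 32) == master
    assert reconstruct([shares["carol"], fresh["alice"], fresh["bob"]], 32) != master
    print("threshold custody works; departed custodian's share is useless")
```

Two points worth noting for anyone mapping this back to the discussion: with fewer than `threshold` shares the interpolation yields a uniformly random field element, so a single rogue admin (or a single stolen share) reveals nothing about the key; and re-issuing after offboarding is what makes "delete them out of the sudo group" work in the key-custody world, since a share from the old polynomial cannot be combined with shares from the new one.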

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
