Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Networker] Encrpyption

2008-01-12 12:13:30
Subject: Re: [Networker] Encrpyption
From: David Magda <dmagda AT EE.RYERSON DOT CA>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Sat, 12 Jan 2008 12:03:35 -0500 
On Jan 12, 2008, at 00:29, Curtis Preston wrote:


Stan said:

Do you propose that some Joe NetWorker administrator have access to
his or her organization's security keys? I for one would not want to
have that level of responsibility. The person who holds the keys
should be in the data security group, not the backup group. I have


What you're describing is OLD style key management, like that found in
the checkbox feature that NW already has.  I would assume that if they
add code to support tape drive encryption management, they will not have 
a single-key system that would rely on (or be vulnerable to attack by)
one person. A good key management system never lets you see the actual key. There would be multiple security admins that would enable/ disable 
encryption, and the loss of one or more them would not cripple the
system any more than losing a sysadmin cripples your ability to
administer the box.


[...]


A good key management system would do the same.
I still think that software products should support keeping keys inside their internal databases and directly interacting with (LTO-4) drives. This would cover the simple scenario of your offsite media being lost or stolen. While this may not cover the situations of an insider or disgruntled (ex-)employee doing things to the data, it is a basic precaution if you want to protect things like your database backups, which may have customer data.
If your security policy, or level of paranoia (or regulatory framework), dictates that you can't see the encryption keys, or access to them is segmented off to a group of people other than your sys admins, then you can go ahead and add third part key management systems. However, as someone who's worked in smaller departments and companies (with both Networker and NetBackup), I'd like to have the option of clicking on a check-box to enable encryption on the drive and be done with it.
I can understand larger organizations and public companies needing more 'robust' things, but I don't see why this functionality can't be there even though it may be considered "less secure", especially when the alternative is to have no protection for your tapes (which is the case in many instances now). (And I don't consider the "aes" ASM a viable long-term option now as it eats CPU and kills hardware compression.) 

To sign off this list, send email to listserv AT listserv.temple DOT edu and type 
"signoff networker" in the body of the email. Please write to networker-request 
AT listserv.temple DOT edu if you have any problems with this list. You can access the 
archives at http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] Recommendations for new tape library?, Curtis Preston
Next by Date:  [Networker] 7.3/7.4 with older clients., Yaron Zabary
Previous by Thread:  Re: [Networker] Encrpyption, Curtis Preston
Next by Thread:  Re: [Networker] Encrpyption, Davina Treiber
Indexes:  [Date] [Thread] [Top] [All Lists]