There’s No Excuse for No Encryption!
What started out as a technology aimed at the financial industry, data encryption has since become the standard. Think about it: health records, social media accounts, state and local records all contain customers’ personal information. Security breaches are common and equally troublesome for these industries and verticals. Before encryption, data was stored on rotational hard drives and could be read by anyone with access. In an encrypted scenario, the data written on the disk is jumbled using an algorithm. In this encrypted format, if the hard drive was to get into the wrong hands, the data wouldn’t be usable without an encryption key. It’s more or less the last line of defense in protecting data.
A more relevant question is, ‘how does data encryption fit into my overall storage and data security strategy?’
Hardware or Software Encryption?
Data encryption plays well into the greater security discussion. It’s definitely a layered approach where you need to look at your entire security infrastructure. There’s a couple of different ways that data can be encrypted on a storage mechanism: with software or hardware.
With software-based encryption, there’s an algorithm that’s inside the storage device itself that allows for an AES256 bit encryption mechanism (for instance). From a hardware standpoint, the encryption occurs at the drive level. Whatever you choose, you shouldn’t have to break your budget to do it. In truth, a data-at-rest-encryption solution generally costs about 10 to 15 percent more than an unencrypted disk storage array.
What in my Environment Requires Encryption?
It really boils down to policies inside and organization and the value of data you’re talking about. PowerPoint presentations and word documents, for example, are probably not critically important or sensitive. As a result, those should be segmented appropriately on your network. On the other hand, information that’s part of your CRM package, your accounting software, financials, customer data, price books, these are items that should reside in an encrypted state. In essence, figure out what data in your environment you can’t live without, what’s competitive and sensitive, what’s protected enough with traditional archival policies, and where you’re going in the future. Look at those opportunity costs and make a decision from there.
When considering data encryption, talk to a trusted storage advisor about any latency concerns and how data encryption options fit into your tiered storage infrastructure and backup solution. Today with almost no performance penalties you can get virtual tape backup solutions at close to the price point of a physical tape solution with features like data-at-rest-encryption. These virtual tape solutions reduce the burden placed on backup and recovery operations and reduce the time it takes to access data.