A feeding frenzy for storage encryption

Numerous research and analysis firms are already projecting information security to be the next big boom in technology spending, and the storage guys are hoping to go along for the ride with encryption products.

Before you jump on the storage encryption bandwagon, you need to think things through. Security may be getting a free ride on the backs of current and upcoming legal mandates, with an organization's front office temporarily suspending requirements for a rigorous business-value case for every IT acquisition proposed. But that doesn't mean encrypting your data is the right thing to do or that current tools are the silver bullets for getting the job done.

One statistic that keeps coming up is this: encrypting your backups can impose a 40-percent delay on data restore rates, assuming that you have the presence of mind to stash offsite and out of harm's way the keys and another copy of whatever you used to encrypt the data.

Doing the math, this means that the restore time for a TB of backup data, which takes about 3 hours under nominal conditions, will now require 4.3 hours. Multiply that by a 10 TB backup and you are talking 43 hours to do the job. Can your disaster recovery plan stand that?

The real solution is the same: better data management. Ultimately, we will not solve the problems of data security by throwing encrypted disks at it. We need to identify the data that needs to be protected and judiciously apply the right technology and encryption. That is real compliance, and you won't have to sell your soul to a vendor to realize it.