- FBI warns Hit Man e-mail scammer back
- 20 tech habits to improve your life
- Industry mourns slain Cisco exec
- 10 Firefox add-ons for better browsing
- Wireless LANs face scaling challenges
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Data should be encrypted in transit. All you need to remember are those six words. When your company ships a pile of back-up tapes from Point A to Point B, that's "in transit." The data on those tapes should be encrypted. Period. End of discussion.
Let me put it another way. People connect to your network over the Internet via some kind of VPN that uses encryption, right? You wouldn't think of shutting down your IPSec or SSL VPN and going back to unencrypted Point-to-Point Tunneling Protocol would you? "Of course not," you say. Well, that's data in transit, and it's encrypted. Not because you think that anyone is necessarily trying to listen in. But just in case.
It's the same way with back-up tapes that you plan to ship somewhere. You can probably send tapes out every day, even twice a day, for years and never lose a set. But as good as FedEx may be, chances are it's going to lose a package sooner or later. So just in case, the data should be encrypted. It's inexpensive-there's no excuse for not encrypting. By network standards, tape drives are dog slow. Your average $300 home firewall will encrypt at 70M to 80M bit/sec - nearly twice as fast as your typical digital linear tape drive. And that dual-CPU, 3.2-GHz server you're using to run the tape drives can do it without breaking a sweat.
What bothers me about this issue are the amazingly long rivers of text written by people who don't understand why operations managers who don't encrypt data in transit should be fired. This is not a complex issue; it's a simple one. I feel like Ernest Hemingway here. Encrypt your data.
Of course, I know why the tapes aren't encrypted. It's that status quo thing I wrote about in my last column . Operations managers have been directing backups for 10, maybe 20 years. Back then, we never thought about the security of data on tapes, and many operations managers have never revisited the issue. The security team probably never thought to call up the operations team and ask about this topic.
But when the first lost back-up tape story hit the news months ago , it should have shocked every operations manager in the world into saying, "I need to start encrypting data tomorrow." Those who aren't encrypting their back-up tapes today should be fired tomorrow. There's no excuse for not doing this, other than incompetence.
Rss FeedRss Feed
Aging network systems and old habits have dictated how businesses spend their IT budgets. As a...
Implementing HA at the Enterprise Data Center Edge to Connect to a Large Number of Branch OfficesThis paper reviews the problem of creating a network where the dynamic availability of services is...
Enterprise Data Center Network Reference ArchitectureUsing a High Performance Network Backbone to Meet the Requirements of the Modern Enterprise Data...
The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
Stay out of the headlines: Detecting and preventing network intrusionsHow do YOU stay out of the headlines? There is no denying that risk exists in our computer-driven...
We have so many holes punched in our firewalls today that many industry insiders question the value...
IP address management in 2008 - six things to knowRead this Network World Special Brief to learn how Enterprise IT managers must update their...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comment