The Risks of Backing-Up Data


1. Articles

1.1. Neoscale 2

1.1.1. Neoscale 2 WP_ImprovingDataSecurityProtectingTapeStorage.pdf

1.1.2. clever points

1.1.2.1. Portable storage media sent outside the physical protection of the data center is inherently at risk to theft or tampering.

1.1.2.2. The rapid increase of sensitive and regulated data presents additional privacy concerns, as is the case in recent security incidents.

1.1.2.3. therefore increased risk

1.1.2.4. Backup and recovery are primarily a means for data preservation, not protection against tape media access.

1.1.3. encryption options

1.1.3.1. Encryption through the backup application:

1.1.3.1.1. Putting data encryption on the backup server adds performance overhead, impacting application response and performance. Encryption keys would need to be protected and managed on the systems – a difficulty based on the number of hosts and their locations.

1.1.3.2. Encryption within the tape library:

1.1.3.2.1. Encryption increases the library cost as well as form factor. Key management must also be taken into account as the tape library is generally not a secure platform and multi-vendor, remote, or third party managed library systems would be even more difficult to manage.

1.1.3.3. Encryption with Storage Security Appliance:

1.1.3.3.1. A tape media security appliance offers the benefit of performance, centralized management, protected/managed keys, flexible deployment, and seamless integration with backup applications. The appliance can operate in a network path and can be flexibly placed before a SAN, NAS, or DAS connected tape library. The purpose built tape media encryptor offloads the processing burden associated with media encryption with nominal latency and can centralize the security management function, which in turn, provides greater policy enforcement and solid key protection.

1.1.4. then mainly discussion of encryption

1.2. Neoscale 1

1.2.1. NeoScale1 WP_BackupPrivacyCompliance.pdf

1.2.2. why

1.2.2.1. This level of security must extend to tape media which is often used for bulk data transfer or long-term, distributed archive of private, trusted or regulated information.

1.2.2.2. laws

1.2.2.2.1. what you need to do

1.2.2.2.2. and

1.2.2.2.3. encryption is the answer

1.2.2.3. Op Risk not just compliance

1.2.2.3.1. Operational risk is defined as “The risk of loss resulting from inadequate or failed internal processes, people or systems, or from external events.”

1.2.2.3.2. Clearly, security breaches which expose business critical or financially sensitive materials would result in devastating customer trust as well as the investment stability of the financial institution.

1.2.2.3.3. Here too, organizations need to demonstrate risk mitigation processes associated with processing, handling and protecting sensitive data, including maintaining security and availability of tape media and archive.

1.2.2.4. tapes can be big

1.2.2.4.1. At one point, tapes only contained 100G worth of data. Advancements in this portable media can now store about a half terabyte of typically clear-text information – a tape can hold the entire human genome.

1.2.3. but

1.2.3.1. Physical security and manual media tracking are required efforts to minimize access risks and assure system recovery, but are costly to scale.

1.2.3.2. Any storage media that is accessible internally, handled by many staff, and often sent outside the confines of the data centre can be vulnerable to unauthorized data access, theft or corruption.

1.2.3.3. As tape media is handled by more persons and is transported/stored in more geographically diverse locations, what can organizations do to ensure the access control, privacy, integrity and auditing concerning backup tape media?

1.2.3.4. impact

1.2.3.4.1. Once open system portable media is in the hands of the adversary, there is unlimited time to sample, analyze and reconstruct the information regardless of backup application and compression algorithm.

1.2.4. tapes in last place again

1.2.4.1. Best security practices require traditional front end security methods such as physical access controls, data network transport protection, host defenses, system and applications authorization, and security policy.

1.2.4.2. However, this layered defense model should extend to secondary storage – preventing unauthorized access to tape media being rotated, remotely stored, transported, or being handled by third parties.

1.2.4.3. Security is never ignored – but often is second place, termed as part of the logistics process, or can be seen as an expensive inconvenience.

1.2.5. encryption issues

1.2.5.1. performance

1.2.5.1.1. Software-based encryption consumes system processing, which in turn impacts application response and affects backup windows.

1.2.5.1.2. This will often require spending to increase system processing horsepower or off-loading such security processing requirements. Additional considerations regard key management and media management.

1.2.5.2. keys

1.2.5.2.1. Keys are used with the encryption algorithm to secure data. Therefore appropriate management, use and protection of the keys are required and will vary by vendor. Key management provision must be analyzed by users to assess implementation requirements.

1.2.5.3. data size

1.2.5.3.1. Furthermore, encryption flattens files and data, which can adversely affect compression ratios offered by tape library vendors. Without the use of selective encryption, firms would have to purchase more media to address lost compression rates.

1.2.5.3.2. use selective encryption

1.2.5.4. solution - use an appliance
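
The data size point in 1.2.5.3.1, measured on a constructed backup stream. This is an added example, not taken from the whitepapers: the record layout, the policy names and the key are assumptions, and the SHAKE-256 keystream is a standard-library stand-in for the real cipher of a tape encryptor, chosen only because its output is just as incompressible.

```python
import hashlib
import zlib

KEY = b"constructed-demo-key"  # constructed; a real key comes from the key manager


def encrypt(data: bytes, nonce: int) -> bytes:
    """Stand-in stream cipher: XOR with a SHAKE-256 keystream (not for production).
    Applying it twice with the same nonce returns the plaintext."""
    stream = hashlib.shake_256(KEY + nonce.to_bytes(8, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def sample_records(n: int = 2000):
    """Constructed backup stream; every 10th record is flagged sensitive."""
    for i in range(n):
        sensitive = i % 10 == 0
        acct = "4111-XXXX" if sensitive else "n/a"
        yield sensitive, f"{i:06d},acct={acct},status=OK,region=EU\n".encode()


def tape_bytes(policy: str) -> int:
    """Bytes that reach the tape under each policy (hypothetical policy names)."""
    records = list(sample_records())
    if policy == "compress_then_encrypt":
        # Compression runs on clear text, encryption on the compressed stream.
        plain = b"".join(body for _, body in records)
        return len(encrypt(zlib.compress(plain), 0))
    if policy == "encrypt_all":
        out = b"".join(encrypt(body, i) for i, (_, body) in enumerate(records))
    elif policy == "selective":
        # Only flagged records are encrypted; the rest stay compressible.
        out = b"".join(encrypt(body, i) if flagged else body
                       for i, (flagged, body) in enumerate(records))
    else:
        raise ValueError(f"unknown policy: {policy}")
    # Tape drive or library compression runs after encryption and sees ciphertext.
    return len(zlib.compress(out))


if __name__ == "__main__":
    raw = sum(len(body) for _, body in sample_records())
    print(f"raw stream: {raw} bytes")
    for policy in ("compress_then_encrypt", "selective", "encrypt_all"):
        size = tape_bytes(policy)
        print(f"{policy:>22}: {size:6d} bytes ({size / raw:.0%} of raw)")
```

Encrypting everything ahead of the drive's compressor leaves it nothing to compress, while selective encryption keeps the compression gain on the unencrypted records at the cost of leaving those records in clear text on the tape.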

1.3. MSB Associates

1.3.1. MSB secure-backup.pdf

1.3.2. omitting an important last step: secure off-site storage.

1.3.2.1. You’ve implemented technology and procedures at great expense, but you may be omitting an important last step: secure off-site storage.

1.3.2.2. From firewalls and strong authentication to intrusion detection and anti-virus, you have defense in depth through a variety of technologies and procedures.

1.3.3. Backup procedures are not simply an IT issue, but are an important part of corporate risk management and governance.

1.3.4. Part of our job as security professionals is to challenge assumptions, to anticipate potential problems, and to propose solutions to avoid or mitigate those problems.

1.3.5. assumption and risks

1.3.5.1. disk based storage is more cost effective than tape storage.

1.3.5.1.1. A very generalized assumption made across almost all industries is that backing up data from production systems onto some archival media is an important part of business continuity.

1.3.5.1.2. Making backups, and using tape drives for archival is the de facto standard. Most people don’t even consider alternatives to this process, although disk drive technology has evolved to the point where disk based storage is more cost effective than tape storage.

1.3.5.1.3. For quite some time, we in the security field have known that off site storage of backup tapes introduces some level of risk to the confidentiality of the data which is stored on those tapes.

1.3.5.2. risks

1.3.5.2.1. Storage media in the possession of the delivery driver may be lost.

1.3.5.2.2. Storage media may be stolen from the delivery truck.

1.3.5.2.3. Storage media on the return trip from the centralized storage site may be delivered to the wrong customer.

1.3.5.2.4. The delivery driver may act alone or in collusion with others to divert tapes.

1.3.5.3. mitigation strategies

1.3.5.3.1. tips

1.3.5.3.2. Carefully scrutinize contracts with the off-site backup provider.

1.3.5.3.3. Use locked containers to transport your tapes.

1.3.5.3.4. Encrypt the contents of all data prior to writing to backup tapes.

1.3.5.3.5. Selectively encrypt only sensitive data

1.3.5.3.6. Encrypt data at rest.

1.4. 7 mistakes

1.4.1. 7mistakes.pdf

1.4.2. intro

1.4.2.1. 7% chance of laptop hardware failing

1.4.2.1.1. In a 2007 study Google determined that once a hard drive reaches 2 years of age it has a 1 in 14 chance of failing over the next year. That’s a very high 7% failure rate.

1.4.2.2. impact of data loss can be fatal

1.4.2.2.1. Once a company suffers significant data loss that company has a 93% chance of going out of business as determined by the US Bureau of Labor.

1.4.2.3. lack of testing

1.4.2.3.1. A recent study conducted by Storage Magazine found that only 37% of businesses actually test their internal backups regularly, and that an alarming 77% of those that did found that they were unable to fully recover all of their critical data.

1.4.2.4. inconsistent use of encryption?

1.4.2.4.1. A recent Aberdeen Group study found that less than 10% of corporations consistently use encryption technology to protect their most valued computer data assets and an even smaller number of those corporations encrypt their tape backups leaving them exposed to serious regulatory compliance liabilities.

1.4.2.4.2. you have those Aberdeen reports somewhere

1.4.2.4.3. not sure what this means exactly

1.4.3. the mistakes

1.4.3.1. Negligence & Procrastination

1.4.3.1.1. data backup process is the #1 most common mistake companies make with regards to business continuity and disaster planning. The backup process is often an “at the end of the list” type process with devastating consequences if data loss occurs.

1.4.3.1.2. low priority

1.4.3.1.3. but is it really part of BCM, more operations

1.4.3.2. Lack of Testing Backups

1.4.3.2.1. A recent study conducted by Storage Magazine found that only 37% of businesses actually test their internal backups regularly, and that an alarming 77% of those that did found that they were unable to fully recover all of their critical data. It is extremely important to test restoring data before an emergency or data failure occurs.

1.4.3.3. Not Identifying the Correct Data

1.4.3.3.1. It’s very common for corporations to have a data failure event only to find during the restore process critical data was omitted in the backup process.

1.4.3.4. Failure to Remove Data Backups Away from the Data Source

1.4.3.4.1. in case of fire or natural disaster.

1.4.3.4.2. relied on tape rotation systems for their backup needs requiring the physical rotation and removal of the tapes to another site in case of fire or natural disaster.

1.4.3.4.3. This manual, antiquated and cumbersome task is often forgotten or skipped.

1.4.3.5. Relying on Error Prone Tape Backup

1.4.3.5.1. even though the medium (Tape Backup) is proven to provide high failure rates

1.4.3.5.2. some triggers

1.4.3.6. Failure to Plan for Human Error

1.4.3.6.1. Accidental or intentional deletion of critical computer data is the most common backup restore request by corporate IT departments.

1.4.3.6.2. Disgruntled employees can inflict significant damage by deleting critical data.

1.4.3.7. Failure to Encrypt Data Backups

1.4.3.7.1. A recent offsite data tape storage company lost hundreds of customer backup tapes during transport.

1.4.3.7.2. These tapes were not encrypted and were completely accessible to anyone who found them creating a regulatory compliance nightmare and extensive fines for the company.

1.5. Q3-backup-whitepaper

1.5.1. Q3-backup-whitepaper.pdf

1.5.2. encryption no longer just for military

1.5.3. Data stored in clear-text is open to attack by everyone from service providers to partners to evil insiders.

1.5.3.1. threat agents

1.5.4. For the most part, data transported to off-site storage is not secured and tracked, leaving tapes defenseless against theft, alteration or unauthorized viewing.

1.5.5. Encryption of backup tapes is the only way to ensure data at rest is safe.

1.5.6. California Security Breach Information Act (aka CA SB 1386)

1.5.6.1. Created to address data security breaches in California, this cutting-edge law enforces a rule stating California residents must be notified any time their “personal information” is compromised.

1.5.6.2. This applies to a last name with first name or first initial, and other identifying information such as a social security number, driver’s license number or California ID card.

1.5.6.3. It also extends to bank account numbers, credit and debit card numbers, and access passwords or security codes.

1.5.6.4. With the population of California representing approximately 12% of the United States population, it is unlikely a security breach could occur without containing some personal information from a California resident.

1.5.7. impact

1.5.7.1. So how devastating might it be if an IT Manager fails to properly encrypt company data? Hang on to your hard drives because, depending on the regulation that has been broken, the sentences range from suspension to 10 years in prison, with fines from $100 to $1,000,000.

1.5.7.1.1. have another small table

1.5.8. honest RA

1.5.8.1. What process controls are currently in place for database management?

1.5.8.2. Can you describe the monitoring and reporting currently being used?

1.5.8.3. When was the last time you ran tests on your process controls to identify “leaks” and make suggestions for improvements?

1.5.8.4. Are you willing to fully understand and accept your own responsibility for managing the internal controls of the databases you manage?

1.5.9. encryption issues

1.5.9.1. To do this requires an in-depth review of current encryption policies, including assessing methods, key lengths and key management.

1.5.9.2. Historically, data backup is a task fraught with procrastination.

1.5.9.2.1. The complexity of the process is time consuming and costly, incurring unacceptable downtime and slowing of networks.

1.5.9.3. threat agents

1.5.9.3.1. However, the biggest threat to confidential information today comes not from the outside, but from the inside. And, with over one billion Internet users, Internet hacking has quickly become the most efficient method of stealing data. In most settings, it is the database administrator (DBA) who has oversight of all access to corporate data, and who performs regularly scheduled tasks like importing and exporting data, creation of various reports, and maintaining the performance and stable environment of the database. Under the new compliance regulations, DBAs find themselves charged with a high level of duties for which they often feel they do not have the most effective arsenal of tools.

1.5.9.4. IronMountain incident

1.5.9.4.1. A story released in April 2005 revealed that records storage leader Iron Mountain had fallen victim to the loss of tapes containing sensitive customer information. Because of this incident, Iron Mountain said in its statement,

1.5.9.4.2. “Iron Mountain is advising its customers that current, commonly used disaster recovery processes do not address increased requirements for protecting personal information from inadvertent disclosure.”

1.5.9.4.3. They further went on to advise, “Iron Mountain, therefore, is recommending that companies encrypt backup tapes containing personal information...” and ended by saying,

1.5.9.4.4. “We believe encryption is the best way for businesses to meet the increasing need for privacy protection.”