This Software Is Spyware Free >>
<< When Your RSS Is No Longer Your Own
 tdicon 


Studies

by Mike Masnick

Tue, Nov 15th 2005 7:23pm





Encrypted Backups Still Not All That Common

from the data-is-as-data-does dept

When all those data leaks of backup systems happened earlier this year, one of the questions asked was why were so few of those backups encrypted? That resulted in a spirited debate, where people discussed the pros and cons of encryption, and pointed out the even more important point: if the backups are secured physically, then you shouldn't need encryption. In other words, this isn't even a question if companies properly secured their backups. Still, it's pretty clear that plenty of important data isn't secured physically and isn't encrypted -- and all those data leaks haven't changed very much. A new study shows that there's been virtually no change in the percentage of companies that encrypt their backups, even if plenty say they plan on doing so at some point in the future.

3 Comments | Leave a Comment..


If you liked this post, you may also be interested in...
 

Reader Comments (rss)

(Flattened / Threaded)

  1.  

    It's really not a public debate

    identicon
    amasa howard, Nov 16th, 2005 @ 6:07am

    Data backups really aren't a matter of public debate, it's really a technique decision by the supernumeral tech for the for the organization. In the realm of customer data, the problem of sensitive/personal data being unencrypted is merely a symptom of the root issue, which is that we as a culture have readily parted with our government issued serialization because we were told "that's the way it is". It's a cultural issue, not a technique issue. There's really no good reason to give your SSN and DOB to anyone, for any reason, but sadly we do it anyway so we can have our credit cards, our cable tv, our cellular phones, our homes, our cars, etc.
    How secure is a password that never changes?

    reply to this | link to this | view in thread ]

  2.  

    No Subject Given

    identicon
    Spinman, Nov 16th, 2005 @ 6:43am

    Physical Security. Well thats just like a lock on a door, all that does is keep and honest man honest. How much is the company's data worth? Thats what these company's should be asking themselves. If we loose this information how much is it going to cost us.

    reply to this | link to this | view in thread ]

  3.  

    Encryption

    identicon
    Prent Rodgers, Nov 16th, 2005 @ 12:24pm

    Companies don't encrypt their tapes because it costs a lot of resources to encrypt. If it is done on the client machine, the CPU goes to 100% and stays there for the duration of the backup. If it is done on the server, there may not be a long enough window to run the encryption. If it is done on an outboard device, like Decru or others, the device costs money. A typical installation will have one encryption appliance per tape drive (or two or three, depending on throughput). If the company has 20 tape drives, that's an investment of $1m or more. Plus they need appliances at the disaster recovery center to decrypt the data. It gets expensive, and that moves it off the radar of IT managers.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>


This Software Is Spyware Free >>
<< When Your RSS Is No Longer Your Own
 tdicon 

A word from our Sponsors...
Follow Techdirt
Flattr rss rss

Powered by Postrank

From the Techdirt Archive...
A word from our Sponsors...

Close

Email This