Backing up your paper

Lost records convince officials that encrypted digital backups are crucial

After Hurricane Katrina devastated the Gulf Coast region, along with many vital records, federal officials realized they needed to digitize such records to prevent future data loss. But storage analysts say federal agencies are behind the curve when it comes to safeguarding digitized records stored elsewhere. Federal agencies are not encrypting their off-site data, said Jon Oltsik, a senior analyst at research firm Enterprise Strategy Group.

Katrina's destruction demonstrated the importance of electronic backup copies of documents such as health records and flood maps. But by keeping copies of critical information, agencies also create new opportunities for data theft. Market analysts say new opportunities exist for security and storage companies to provide secure off-site data storage, and some companies are revising their short-term strategies accordingly.

Dore Rosenblum, vice president of marketing at NeoScale, said the company has expanded its services and changed its marketing approach to meet what he hopes will be a strong demand for secure data storage.

The company's advertisements now emphasize the need for protection against publicly exposed breaches. A recent product announcement spotlights the ability to create keys for recovering encrypted data simultaneously at multiple local and remote sites. It describes the company's Global Key Management software, which allows customers to create a unique key for each tape and immediately access data when necessary for disaster recovery and business continuity.

Other storage company officials say business is booming even though they have done little to call attention to their offerings.

"The increased awareness of security issues has definitely increased demand for our products from both enterprise and government customers," said Kevin Brown, vice president of marketing at Decru, a NetApp company.

The company is also responding to renewed congressional interest in safeguarding the privacy of citizens' information stored in large commercial databases. "We are spending more time serving as a resource for legislators and regulators who are weighing the business, technology and privacy issues in upcoming draft bills," Brown said.

Oltsik is the author of a recent survey that asked 388 agencies and companies whether they encrypt backup data as they copy it to tape. "Of the five industry segments we looked at, [the local/federal] government was the worst," he said. Only 3 percent of government organizations said they always encrypt backup data, and 77 percent said they never do.

Overall, only 7 percent of the organizations surveyed said they always encrypt backup data, despite the fact that vendors have offered backup encryption tools for at least 15 years, Oltsik said.

He said he expects a different picture to emerge a year from now because of recent events. In addition to the storm damage, federal agencies have learned hard lessons in data security because of the specter of regulatory compliance audits, discussions of disaster recovery efforts and widely publicized data breaches.

"There is certainly an impetus to encrypt backup tape, and we're seeing an increase in the market," Oltsik said. "Fifteen years ago, if you found a backup tape and you knew what it was, it would be very hard for the average person to read the data. Now people know very well what it is and how to get the data off the tape."

As a result, data storage companies have begun collaborating with data security companies. Data vault company Iron Mountain deposits many federal backup tapes in unmarked buildings and underground facilities. The company has formed a partnership with Decru to protect data in its hidden sites.

Brown said federal officials will run into a double bind as their disaster recovery plans blossom. The more copies of data that agencies have, the easier it is to recover data during a disaster, he said. "But the more copies you make, the worse off you are from a security perspective," he added.

Traditionally, stored text is unencrypted. Anyone in the storage site could read streams of classified data. "You can't do business in the government without dragging a terabyte of data around with you," Brown said.

Encryption lets data owners control who can read the material. The technology provides insurance in the event a storage company courier loses the data or a disgruntled employee tries to manipulate the records.

Because of concerns about terrorism in the Washington, D.C., area, Decru has spread its resources further. The company can simultaneously support as many as four disaster recovery sites for each customer.

Rosenblum said the recent storm season illustrates another lesson: Organizations should store data somewhere remote and not simply in a building across the street.

National Archives and Records Administration officials contend that federal agencies already have protocols in place for off-site data archiving.

"Agencies do not need to do things differently if they have been managing their vital records" as prescribed by federal regulations, said Paul Wester, director of NARA's Modern Records Programs. "In general, because of [the 2001 terrorist attacks] and now Katrina, there is a greater awareness that records and records management need to be accounted for in an agency's continuity of operations plan," he said.

NARA will likely re-emphasize vital records training at some point in fiscal 2006 to prepare for the next hurricane season. For example, NARA information security officials are warning agencies to shield particular backup operations.

William Bosanko, associate director of NARA's Information Security Oversight Office, said agencies need to consider the sensitive information that may be in federal records and "be prepared to take prompt and effective action in a disaster situation to protect the integrity and security of such information."

Decru plans for the future

Decru's data-recovery system gives government officials geographically dispersed appliances, software and smart cards for decrypting data in times of emergency.

Decades from now, when new technology replaces current access and retrieval systems, authorized government employees will still be able to access encrypted backup data using a hardware appliance or software. A set of smart cards secures both systems.

Officials designate recovery personnel and specify a quorum of recovery personnel -- two of three, three of five, etc. -- who must be present to use the smart cards to retrieve the data, ensuring that no single person can unlock all the security.

Decru also uses standard encryption algorithms, including the relevant Federal Information Processing Standard. The redundant security precautions quickly get the data to the right people while preventing the wrong people from accessing it.

-- Aliya Sternstein

Featured

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above