NETWORK WORLD NEWSLETTER: MIKE KARP ON STORAGE IN THE ENTERPRISE
06/23/05
Today's focus: Don't be the IT manager who lets unencrypted
data go
Dear networking.world@gmail.com,
In this issue:
* Products to encrypt data
* Links related to Storage in the Enterprise
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Oracle
SAN and SMP, Pooling or Provisioning - what does it all mean?
Find out with the Oracle Grid Computing Glossary! Like any
technology, grid computing is made up of a specialized set of
terms and acronyms. This comprehensive glossary provides a
definition of important grid-related terms.
http://www.fattail.com/redir/redirect.asp?CID=107098
_______________________________________________________________
TEN WAYS TO STOP SPYWARE
You will get spam down to a manageable level this year, but then
spyware will kick in. Spyware cleaners will help, but won't
eradicate all the unwanted activity at the office, at home.
Here's a ten step guide you can follow to curb the spyware
problem:
http://www.fattail.com/redir/redirect.asp?CID=106930
_______________________________________________________________
Today's focus: Don't be the IT manager who lets unencrypted
data go
By Mike Karp
Capturing top position in last week's Stupid IT Tricks
Competition are the good folks at CardSystems Solutions in
Atlanta. This company processes credit card and other payments
for banks and merchants and, inadvertently, for hackers as well.
Its unencrypted data was hacked last month, with the likely
result that information on 40 million credit card accounts was
compromised.
America Express, Discover, MasterCard, Visa, take your pick
(somebody else apparently already has) were all affected. Check
this month's credit card statements carefully when they arrive.
Questionable management of "secure data" is in the news far too
frequently these days. Ameritrade, Bank of America, Citigroup,
Lexus/Nexus, Time Warner, most of which I reported on last
month, have all dropped the ball in recent months when it comes
to data security. Oftentimes the data just "disappears" in
transit to a third-party data repository like Iron Mountain;
sometimes it goes missing when being shipped between facilities
within the same company, and on frequent occasions, it is
actively attacked from both inside and outside the firewall as
was the case with CardSystems. In all instances listed above
none of the data was encrypted, which certainly leads us to
wonder about the seemingly cavalier attitude assumed by the
companies to whom it was entrusted.
IT managers tend to avoid encrypting data for any of several
reasons. In some cases, there is no corporate emphasis on
security to support investment in encryption technology. More
frequently, they are concerned that encryption will add to the
time it takes to access or back up data, so amid all their other
time constraints they avoid adding what seems to be another
"cycle-sucker" to their operations. Most frequently, I suspect
they just keep their fingers crossed and hope that when
something hits the fan it won't occur at their shop.
Lots of alternatives are available to support encryption of data
at rest. Security software vendors like Decru (acquired last
week by Network Appliance), Neoscale and Vormetric offer
solutions that can be dropped-in, appliance-like, in most
environments. These will take care of protecting data on your
storage-area network.
If your concern is about encrypting tapes to protect them while
they travel offsite, consider the offerings from FalconStor and
Intradyn.
If you are one of those companies whose back-up windows have
been compressed to the point where you feel can't afford the
extra time involved in encrypting your tapes, look at
FalconStor's virtual tape libraries, a product set that would be
suitable for medium and larger sites. They provide encryption
capabilities on the VTL with the result that encryption can be
done after the data has been transferred from the production
systems. Because encryption is done on the nearline system,
there is no impact on the back-up window.
Also, there is now no reason smaller companies should be less
well protected than their larger competitors. Intradyn, maker of
the RocketVault and ComplianceVault appliances that are aimed at
smaller companies, is now bundling strong encryption (128 bit)
software at no added charge into their products. They partner
with Sony to provide a back-up solution that hangs off the back
of their small appliances. As a result, now even a mom-and-pop
shop can protect their back-up tapes more successfully than
those very large companies mentioned earlier seem capable of
doing.
RELATED EDITORIAL LINKS
Security breach may have exposed 40 million credit cards
IDG News Service, 06/20/05
http://www.networkworld.com/nlstorage2793
_______________________________________________________________
To contact: Mike Karp
Mike Karp is senior analyst with Enterprise Management
Associates, focusing on storage, storage management and the
methodology that brings these issues into the marketplace. He
has spent more than 20 years in storage, systems management and
telecommunications. Mike can be reached via e-mail
<mailto:mkarp@enterprisemanagement.com>.
_______________________________________________________________
This newsletter is sponsored by Oracle
SAN and SMP, Pooling or Provisioning - what does it all mean?
Find out with the Oracle Grid Computing Glossary! Like any
technology, grid computing is made up of a specialized set of
terms and acronyms. This comprehensive glossary provides a
definition of important grid-related terms.
http://www.fattail.com/redir/redirect.asp?CID=107097
_______________________________________________________________
ARCHIVE LINKS
Archive of the Storage newsletter:
http://www.networkworld.com/newsletters/stor/index.html
Breaking storage news and analysis:
http://www.networkworld.com/topics/storage.html
_______________________________________________________________
Let's get virtual: How to make virtualization work for you
Analysts agree that having a virtual IT infrastructure helps to
significantly lower costs, respond to business needs faster, and
deliver flexible IT. Find out what makes a virtual
infrastructure work. View now.
http://www.fattail.com/redir/redirect.asp?CID=106968
_______________________________________________________________
FEATURED READER RESOURCE
CALL FOR ENTRIES: 2005 ENTERPRISE ALL-STAR AWARDS
Network World is looking for entries for its inaugural
Enterprise All-Star Awards program. The Enterprise All-Star
Awards will honor user organizations that demonstrate
exceptional use of network technology to further business
objectives. Network World will honor dozens of user
organizations from a wide variety of industries, based on a
technology category. Deadline: July 8. Enter today:
<http://www.networkworld.com/survey/easform.html?net>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here :
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: networking.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment