On 2/17/07, Roger Deschner <[EMAIL PROTECTED]> wrote:
. True, but "other tools" should not have access to the tapes. If they do,
Tell this to the intruder :) and they're mostly from internal staff. The simple assumption that "other tools (or people) should not have access to X" is not enough as a security measure. I'd rather prefer to "in adittion" to physical protection, apply data shredding and encryption, obviously, the features you apply depends on your needs and data categorization as sensible information or not. then you've got a much larger data integrity problem to solve. Reading
beyond the end-of-tape mark is not possible when the only program able to access the tape is the TSM server. If there is a way to run these "other tools" against your tapes, then they could get the live backup data as well, not just the old data on scratch tapes. I hope you are not intermixing your TSM scratch tapes with a larger scratch pool used by multiple applicaitons. Tapes in TSM should be under the physical control of the TSM administrators, either in a locked tape library in a secure machine room, or under suitable physical control at all times while being moved to/from offsite storage. If they're not willing to trust you and/or Iron Mountain, then they've got larger problems to deal with. In Illinois, BY LAW (Illinois Public Act 93-0306), "data shredding" must be repeated ten (10) times. The enormous resources that would take necessitates tactics other than data shredding. Secure reuse and physical destruction are what we use. If they are really that paranoid, they should require client encryption for all TSM clients, as well as comitting the financial resources to upgrade each client system so that they can handle the added client processor load of that encryption. If all data is encrypted at the source, then who cares about old data left on scratch tapes? It was encrypted in the first place. However, they must also be aware that under a scenario where all client data is encrypted at the client, they may not be able to restore some data in some cases such as a terminated employee who takes the encryption key for their client's data with them as they are shoved out the door. In general, if they do not have faith in the integrity of the backup system, whatever it is, then encryption of data at the source is the only answer. Roger Deschner University of Illinois at Chicago [EMAIL PROTECTED] ======= "Copy protection: a headache only for the law-abiding." ======== =========================== --New York Times =========================== On Fri, 16 Feb 2007, Helder Garcia wrote: >> >> Are you looking at erasure before reuse? I can't see a reason for this. >> > >Yes, there are reasons. While you're reusing the tape, there is still old >data on the "unused" part of the tape that can be read with other tools. > >-- >Helder Garcia >
-- Helder Garcia
