james hughes <[EMAIL PROTECTED]> writes: > There are large institution with 1000s of tape drives and 1,000,000 > or more cartridges. Even simple solutions are huge to implement. This > is a non-trivial matter. The technical solutions are possible, there > are vendors out there that are already doing this. Getting from here > it there, even if the solutions were available for free is still a > very expensive challenge.
It isn't much of a challenge. In several cases, the cost of implementing backup encryption was much cheaper for my customers than the cost of the time it took me to explain to them that they needed it -- i.e. ignorable. There are plenty of reasonable ways to handle the key management problem, and even using a well known (at least if you have the key to the safe deposit box) conventional key for all your backups in a given month or six months is a whole lot better than leaving the data in the clear. (Sure that isn't ideal, but now you've raised the bar a whole lot, and you can implement better methods if you have the will.) Some people claim that the data rates you are dealing with are too high to permit doing the encryption without hardware, but that's usually because they imagine having all the compression and encryption done on the machine managing the tape robot. Even in that case, though, extra processors are often a whole lot cheaper than the labor cost of the meeting needed to discuss the problem. > Bottom line, this issue is here to stay and will take years to solve. Since several of my customers have solved this problem already, and since it didn't take them years, I have to dispute that claim pretty strongly. The most important thing it requires is the will to do it. Cost isn't a real issue, technology isn't a real issue. Human beings are the issue. Perry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
