Tom Metro wrote:
Oh, physical security is already excellent in this scenario. Locked cage, 24/7 CCTV, and a security guard. The weakness is that your server is in a data center owned by a 3rd party, who can simply hand the keys over to someone else.
I must disagree with your assessment of "excellent". If a third party has physical access to your equipment and data then that equipment and data are not secure. If that third party has a greater interest in serving itself or other parties than it has in serving you then that equipment and data are distinctly vulnerable.
They're encrypted too, with keys only held in memory.
Then your disaster recovery options are nil. An encrypted backup that cannot be decrypted is mostly useless except for maybe being an example of how not to run a backup system.
Dan's suggestion is great if legal threats are included in your threat model. Otherwise locked in a safe requiring two different security officers to unlock.
-- Rich P. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
