Encrypting everything which goes out of the data center is
expensive and/or uses lots of resources (same thing really), takes time,
and complicates your disaster recovery. In addition none of these
"encrypt all tape" solutions deals with threats inside the company, either
employees, or hackers.
So what's a better solution?
Just how much data really NEEDS encryption? I submit for most
businesses (eg. not financial institutions), very little. Credit card
numbers, and perhaps, names. If names are encrypted everything else,
address, phone, and even credit cards become pretty much useless. Remember
how often you are asked for "your name, as it appears on the credit card".
So, why not encrypt the card number and name before storing in your
database. A simple little home grown program to use RSA or other
encryption, and very strict controls, RACF or other, as to who/what can
access it. Your data is safe from both inside, outside, and just plain
mistake compromises.
Hey, I love neat new hardware and software as much as anyone, but
it looks like a complete waste of money and time for most businesses. Or
am I missing something here? Please shoot holes in this if I am.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
