On Tuesday, 09/05/2006 at 01:23 MST, John Mattson <[EMAIL PROTECTED]> wrote: > Hey, I love neat new hardware and software as much as anyone, but > it looks like a complete waste of money and time for most businesses. Or > am I missing something here? Please shoot holes in this if I am.
You are missing the point that many sites have UNencrypted data that they would feel more comfortable having encrypted when dumped to a more portable media. It may be financial data, or confidential documents, or programs that have trade secrets or other intellectual property buried in them. Whatever it is, it may be more cost effective to encrypt what gets dumped to tape rather than spend the time, people, and money to comb the system looking for these things and developing processes and procedures to track them. And in some industries, this will without doubt be regulated and audited. IMO it will far easier (read: cheaper) to meet those requirements if all data is simply encrypted as it is exported. If it's double-encrypted, who cares? Maybe double encryption with different keys and algorithms will be the Gold Standard.... But, like you, I'd rather that the database have strong online protections, while still yielding the needed performance characteristics. Remember, too, that you want encrypted key operations so that anyone with access to the system itself (including creative sysprogs) cannot get a hold of the key used to encrypt the data. (Who watches the watchers?) Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
