Quantum: Back up, Recovery, Archive  

    Home > Solutions

Request more informationPrint this pageE-mail this pageBookmark this page
Quantum Encryption Solutions
 

Over the past few years, data security breaches have cost companies millions of dollars and inflicted significant damage to the corporate images of these firms.  With concerns around data security mounting, businesses of all sizes are beginning to integrate encryption into their backup and archive processes. Quantum understands that protecting data at rest and in transit are key challenges facing IT professionals today and has integrated data encryption features into its leading disk and tape solutions.

The cost of a data security breach continues to rise. According to the Ponemon Institute, data security breach incidents now cost companies $197 per compromised record, including lost opportunities and reputation as well as legal, investigative, administrative and customer support expenses. Losses associated with customer churn and acquisition account for 65 percent of data security breach costs.

Encryption can dramatically reduce, if not eliminate, the risk of a data security breach. That’s why a growing number of government and industry regulations call for the encryption of sensitive data.  Many states require that companies disclose all data security breaches of non-encrypted data to the media and all customers potentially affected.  Specific industry associations are also taking action to drive security standards, such as the Payment Card Industry (PCI) Data Security Standard.  This standard mandates  the encryption of stored data, including data on backup tapes, and noncompliance can result in monetary penalties ranging from $5,000 to $50,000 per month.  Finally, a number of bills before Congress would require companies that store specific types of consumer data to establish security safeguards such as encryption.

IT managers are faced with the challenge of integrating encryption into their backup, recovery, and archive processes.  This additional business requirement introduces another technical dimension to an already complex set of processes, leaving users with important questions to resolve:

  • How will I add encryption without affecting the backup window?
  • Will this change my backup processes and software environment?
  • How will I manage the encryption process?
  • Can I encrypt data being transported between sites, both via replication and on tapes?

Without the right approach and architecture, users will be forced to make painful tradeoffs to achieve data security and may be forced to settle for poor performance, hardware or software dependencies, and complex management. 

Quantum understands the issues associated with encryption within backup, recovery, and archive.  We offer encryption options for both our disk and tape solutions, giving customers the flexibility to choose what fits best with their business requirements. For disk-based backup, Quantum’s DXi-Series incorporates deduplication and fully-encrypted replication, allowing customers to securely link sites for enterprise-wide backup and disaster recovery.  For tape systems, Quantum’s Encryption Key Manager (Q-EKM) is available for Scalar i500 and Scalar i2000 tape libraries in conjunction with LT0-4 drives.

 

Encryption Key Manager (Q-EKM) for Scalar Tape Libraries  


Quantum Encryption Key Manager (Q-EKM) is an easy-to-use solution for protecting valuable data at rest across the enterprise.  It is easy to set up, integrates seamlessly into existing backup environments, and scales easily to meet changing demands. And with Q-EKM’s “set and forget” design, the administrator doesn’t have to worry about data encryption and key management.
Key Features:

  • Provides native LTO-4 drive-based encryption — a cost-effective solution based upon the AES (Advanced Encryption Standard) 256-bit encryption recommended by the federal government for classified data.
  • Operates out of the data path with no impact on performance or “same system” restore requirements.
  • Protects, stores and manages encryption keys supporting multiple libraries in a centralized keystore.

More information on Quantum’s Encryption Key Manager can be found in the whitepaper. Encryption Key Management : A Technical White Paper

 

Data Encryption With DXi-Series


Because many organizations use public data exchanges to supply WAN services between distributed sites and data transmitted between sites can take multiple paths from source to target, deduplication appliances need to offer encryption capabilities to ensure the security of data transmissions. In the case of DXi-Series appliances, all replicated data—both metadata and actual blocks of data—is encrypted at the source level using SHA-AES 128-bit encryption and decrypted at the target appliance.

More information on Dxi-Series Data deduplication, Replication and Encryption can be found in the whitepaper Data deduplication Background: A Technical White Paper