Hardware Today: Security, After the Breach
April 12, 2004
Get Paranoid About Backups
As comprehensive a solution as SMC's might seem, it doesn't canvas the entire security landscape. One component it neglects is protection for backups. While it's pretty much a given that a thoroughly organized backup strategy is a necessity, its effectiveness at preventing some disasters may actually invite others.
Tape drives using hardware-level encryption, like the Paranoia line from Avax International, plug this gap. "It is quite amazing, the number of companies that have secure data centers, with all the servers in cages and secure access, who will backup their data to tape with no security and hand those tapes to some anonymous courier to transport to an off-site storage facility," Avax President Andrew Senior told ServerWatch. Encrypting tapes also prevents "borrowing," a euphemism for when tapes are swiped and returned without administrator knowledge.
Data encryption for tape backups isn't a novel idea. But Paranoia drives deliver two benefits over backup software data encryption. One is speed. "Paranoia in-line encryption does not require any CPU cycles and has zero impact on backup/restore speed," Senior said. While CPU speed is saved without a doubt, this statement presumably ignores the relative slowness inherent to the drive's sturdy Data Encryption Standard 3 (DES-3) encryption.
Paranoia's biggest differential, however, is bolstered security. The Paranoia drives combine a user-supplied encryption key with a hardware key. Without both key components, the tape can't be decrypted, and the keys are theft-aware. "If the Paranoia unit itself is stolen, the software key is lost after the unit has been without power for two minutes," Senior said, "so anyone wishing to steal the data would need the tape, the user key, and the specific Paranoia box in order to retrieve the data."
Avax also takes into account the unlikely possibility of a thief bringing a mobile power source to swipe the entire rack without sustained power loss: "If you are truly paranoid, you can set the key loss timeout to a few seconds," Senior said.
Two Paranoia levels are currently available: Paranoia and its more intense sibling, Paranoia2. Paranoia runs at 20 MB per second and uses standard DES-3 encryption. DES-3 encrypts data with three 64-bit keys for a total of 72 quadrillion possible keys, making it much more difficult to crack than simple DES encryption. The quadrillion digit trade-off is DES-3's slower overall speed.
The Paranoia2 model adds built-in compression before doubling the encryption in separate streams. The effect is a faster, more secure backup that retains backward compatibility with the Paranoia drive for improved ROI. "Paranoia2 uses unique interlaced Dual-DES and Dual-DES3 modes, which offer even greater levels of security," Senior said. Paranoia2 builds on its encryption security further by merging two unique keys from two 72 quadrillion key pools into a densely encrypted data stream.
Enterprises that require still more encryption may want to investigate AES (Advanced Encryption Standard) technology as it continues to grow in popularity beyond classified circles. Or they can compare the Paranoia2's encryption to AES. "The interlaced 3DES encryption of our Paranoia2 unit is at least as secure as AES," Senior claims.
Pricing on Paranoia drives begins at $9,500, and Paranoia2 is priced starting at $16,700.
For those thirsting to learn more about server security fundamentals, we recommend perusing the SANS Institute (SysAdmin, Audit, Network, Security) Web site, which provides a variety of security information. The University of Chicago's Network Security Center site, a university resource open to the public, provides various security tips for admins of all interest and skill levels and is good place for an initial dip in the security waters.
Keeping the server room secure often means steering between the too-paranoid Scylla and the too-lax Charybidis. Sticking with relatively reasonable measures will go a long way toward navigating to a secure medium.