IBM System Storage Data Protection and Security Chen Chee Khye ATS Storage

Similar documents
Storage Security Best Practices Martin Borrett, Lead Security Architect NE Europe, WW Tivoli Tiger Team IBM Corporation

IBM Storage Software Strategy

Information Infrastructure Forum

IBM System Storage DS5020 Express

IBM System Storage DS5020 Express

HP StorageWorks LTO-5 Ultrium tape portfolio

Exam : Title : Storage Sales V2. Version : Demo

IT Certification Exams Provider! Weofferfreeupdateserviceforoneyear! h ps://

Balakrishnan Nair. Senior Technology Consultant Back Up & Recovery Systems South Gulf. Copyright 2011 EMC Corporation. All rights reserved.

EonStor DS - iscsi Series High-Availability Solutions Delivering Excellent Storage Performance

Vendor: IBM. Exam Code: C Exam Name: Fundamentals of Applying Tivoli Storage Solutions V3. Version: Demo

Data safety for digital business. Veritas Backup Exec WHITE PAPER. One solution for hybrid, physical, and virtual environments.

i Scalar 2000 The Intelligent Library for the Enterprise FEATURES AND BENEFITS

50 TB. Traditional Storage + Data Protection Architecture. StorSimple Cloud-integrated Storage. Traditional CapEx: $375K Support: $75K per Year

Preserving the World s Most Important Data. Yours. SYSTEMS AT-A-GLANCE: KEY FEATURES AND BENEFITS

Accelerate with ATS Encrypting Data at Rest with the DS8000

FUJITSU Backup as a Service Rapid Recovery Appliance

Acer Hitachi AMS2300 specifications

Archiving, Backup, and Recovery for Complete the Promise of Virtualisation Unified information management for enterprise Windows environments

IBM TS7700 grid solutions for business continuity

Moving From Reactive to Proactive Storage Management with an On-demand Cloud Solution

HPE MSA 2042 Storage. Data sheet

The Evolving Role of Tape and Disk in the High Performance Data Center Bruce Master IBM LTO Program

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Mainframe Storage Best Practices Utilizing Oracle s Virtual Tape Technology

1 Quantum Corporation 1

IBM Tivoli Storage Manager Version Introduction to Data Protection Solutions IBM

Delivering Real Business Value While Driving Down IT Cost with Virtual Tape

IBM Z servers running Oracle Database 12c on Linux

Implementing Disk Encryption on System x Servers with IBM Security Key Lifecycle Manager Solution Guide

DELL EMC VALIDATED SYSTEM FOR VIRTUALIZATION

Exam Name: Midrange Storage Technical Support V2

WELCOME TO TIVOLI NOW!

Combining HP StoreOnce and HP StoreEver Tape

Designing Secure Storage for the Cloud Jesus Molina Fujitsu Laboratories of America

CA ARCserve Backup. Benefits. Overview. The CA Advantage

Hitachi Adaptable Modular Storage and Hitachi Workgroup Modular Storage

Scalar i500. The Intelligent Midrange Tape Library Platform FEATURES AND BENEFITS

SMART SERVER AND STORAGE SOLUTIONS FOR GROWING BUSINESSES

IBM System Storage DS4800

<Insert Picture Here> Oracle Storage

IBM System Storage. Tape Library. A highly scalable, tape solution for System z, IBM Virtualization Engine TS7700 and Open Systems.

RECOVERY SCALABLE STORAGE

IBM Spectrum Protect Version Introduction to Data Protection Solutions IBM

Optimizing and Managing File Storage in Windows Environments

The Fastest and Most Cost-Effective Backup for Oracle Database: What s New in Oracle Secure Backup 10.2

IBM System Storage N3000 Express series Modular Disk Storage Systems

A Promise Kept: Understanding the Monetary and Technical Benefits of STaaS Implementation. Mark Kaufman, Iron Mountain

Technology Insight Series

EMC Integrated Infrastructure for VMware. Business Continuity

PracticeTorrent. Latest study torrent with verified answers will facilitate your actual test

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

THE EMC ISILON STORY. Big Data In The Enterprise. Deya Bassiouni Isilon Regional Sales Manager Emerging Africa, Egypt & Lebanon.

MODERNISE WITH ALL-FLASH. Intel Inside. Powerful Data Centre Outside.

Rio-2 Hybrid Backup Server

Data Sheet: Storage Management Veritas Storage Foundation for Oracle RAC from Symantec Manageability and availability for Oracle RAC databases

Introduction to Digital Archiving and IBM archive storage options

WHY DO I NEED FALCONSTOR OPTIMIZED BACKUP & DEDUPLICATION?

esureit Online Backup vs. Portable Media

The Freedom of High-Performance Backup and Restore with Dynamic Solutions International (DSI) Virtual Tape Library (VTL)

Hitachi Adaptable Modular Storage and Workgroup Modular Storage

IBM Storage Systems Group IBM TotalStorage Connected. Protected. Complete.

Brendan Lelieveld-Amiro, Director of Product Development StorageQuest Inc. December 2012

DAHA AKILLI BĐR DÜNYA ĐÇĐN BĐLGĐ ALTYAPILARIMIZI DEĞĐŞTĐRECEĞĐZ

Archive 7.0 for File Systems and NAS

product overview CRASH

Could Your Systems be Hindering Your Most Productive Employees?

Dell PowerVault DL2100 Powered by CommVault

Scale-out Object Store for PB/hr Backups and Long Term Archive April 24, 2014

Virtualization Selling with IBM Tape

Hitachi Adaptable Modular Storage 2000 Family

Quest DR Series Disk Backup Appliances

archiving with the IBM CommonStore solution

NEC Express5800 R320f Fault Tolerant Servers & NEC ExpressCluster Software

White paper: Agentless Backup is Not a Myth. Agentless Backup is Not a Myth

Backup and Recovery: New Strategies Drive Disk-Based Solutions

Executive Summary SOLE SOURCE JUSTIFICATION. Microsoft Integration

IBM TS4300 Tape Library

LTO Technology: Portable, reliable, cost effective data storage for business and entertainment applications. Making the Best Use of Disk and Tape

COMPREHENSIVE RETENTION COMPLIANCE: HOW KEEPITSAFE ONLINE BACKUP CAN HELP YOUR BUSINESS

Vendor: IBM. Exam Code: Exam Name: Storage Sales V2. Version: DEMO

Tape Sucks for Long-Term Retention Time to Move to the Cloud. How Cloud is Transforming Legacy Data Strategies

Software Defined Storage

Test Data Management for Security and Compliance

IBM LTO Ultrium 5 Half High Tape Drive

Replicating Mainframe Tape Data for DR Best Practices

Quest DR Series Disk Backup Appliances

Key Management in a System z Enterprise

Focus On: Oracle Database 11g Release 2

Introduction to iscsi

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE

Open Systems Virtualization and Enterprise-Class De-duplication for Your Information Infrastructure

How Smarter Systems Deliver Smarter Economics and Optimized Business Continuity

HPE Converged Data Solutions

Wong Tze Chuan General Manager. Gadget Wearable Tech (M) Sdn Bhd

See what s new: Data Domain Global Deduplication Array, DD Boost and more. Copyright 2010 EMC Corporation. All rights reserved.

FOUR WAYS TO LOWER THE COST OF REPLICATION

IBM IBM Open Systems Storage Solutions Version 4. Download Full Version :

Data Warehouse Archiving:

Active Archive and the State of the Industry

Transcription:

IBM System Storage Data Protection and Security Chen Chee Khye ATS Storage chenck@my.ibm.com

Information is Exploding Data Types Data Growth Data Impact Structured PB shipped 1TB/4D image Unstructured 2005 2006 2007 2008 2009 2010 1MB/2D image 2004 2007 Today... Up to 80% of data is unstructured content (email, video, images) Through 2012... Storage capacity shipments are growing at 54% a year By 2010... Example: Medical images will take up 30% of the world s storage IBM Security 2

Impact on Data Storage Data volumes doubling every 18 months Devices accessing data doubling every 2.5 years 70% of the digital universe is created by individuals but enterprises are responsible for the security, privacy, reliability and compliance of 85% Information created, captured, or replicated exceeded available storage for the 1 st time in 2007 Structured data growing at 32% Unstructured data growing at 63% Replicated data growing at 49% Source: IDC worldwide enterprise disk in Exabytes from Changing Enterprise Data Profile, December 2007 Current economic climate will push for storage services which raises the need for security IBM Security

IBM Information Infrastructure Data Loss is Top of Mind 4

IBM Information Infrastructure The Cost of Data Loss The impact of data loss is significant Totaling $66.9M in 2007 ± Average data breach costs a company $5M Average annual loss per company is $350,000 ± Breaches costs companies an average of $185 per record 327 data breaches were reported in 2006* More than 100M data points exposed in 2006* Requirement for data privacy and encryption is mandatory Customers will not have a choice on storage security spending ±Computer Security Institute 2007 Network World Magazine *Source: privacyrights.org 5

We Need IT Infrastructure Able to Handle Data Growth Reduce reputation risks and audit deficiencies Average US legal discovery request can cost organizations from $150K to $250K. Deliver continuous, reliable access to information Downtime costs can amount up to 16% of revenue in some industries. Support information retention policies 37% of data is expired or inactive. Secure sharing of information Average cost of a privacy breach is around $200 per compromised record Information Compliance Information Availability Information Retention Information Security Sources: CIO Magazine survey 2007; IBM Tivoli Market needs and profiling study 2005; The Costs of Enterprise Downtime: NA Vertical Markets 2005" Information Research; IBM Market Intelligence. SNIA Data Management Forum, 100 Year Archive Requirements Survey, Storage Networking Industry Association (SNIA), 2007 6

IBM Software Group View of the IBM s data protection technology encryption everywhere SAN Encryption Key Management File system encryption Database encryption Switch encryption Encryption choices why should encryption be built into storage Performance cryptography can be computationally intensive Efficiency - encrypted data is not able to be compressed or de-duplicated Security - Data in transit should use temporary keys, data at rest should have long term retention and robust management Scalability best to distribute cryptography across many devices Disk Storage Array Encryption Enterprise Tape Library 3592 Encryption Encryption IBM has launch encrypting tape systems, moving to encrypting storage arrays (Full Disk Encryption), with plans to extend to the rest of the infrastructure (Switch/Base/Backup components)

Why Wouldn t You Encrypt Data at Rest? Your Concerns: 1. Performance Encryption that isn t built into the storage infrastructure could cause serious performance penalties 2. Potential to Lose data If you encrypt the data and lose the key then the data is lost 3. Complexity Some solutions add extra boxes on the wire, classification, constant configuration, application changes 4. Total cost of ownership Some solutions can double the cost of the storage solution IBM s Response: Our encrypting storage solutions have an impact on performance that is less than 1% Our key management is proven with thousands of customers today Our solution is simple to install, configure, with no application or server changes required Our Encryption and key management adds small incremental cost Our solution is high performance, robust, safe, simple, and cost effective IBM Security

IBM Vision for Encryption and Key Management Encryption built into the infrastructure (not on top of it) B IBM s 3 rd generation tape drive with encryption: TS1130 TS1120 LTO Gen 4 Full Disk Encryption (FDE) Over 3,500 security professionals worldwide B $1.5B investment in security in 2008 Tivoli Key Lifecycle Manager TS1130 Tape Drive Disk Encryption Security and Privacy Services What separates IBM from the pack is its ability to provide a complete and extensible Storage Encryption architecture, including an enterprise key management capability. Jon Oltsik, Enterprise Strategy Group, August 2008 IBM Security

The Future of Storage Encryption is built in just like compression, and increasingly de-duplication IBM has shipped tape systems with built in encryption for 2 years IBM has shipped encrypting disk systems Enterprise Tape Library 3592 You will need unified key management for operational simplicity, security, and compliance Transparent to applications no changes or upgrades required Simple, easy to install and use Adheres to regulations Fits into your environment no new appliances Disk Storage Array IBM Tivoli Key Lifecycle Manager is the answer! IBM Security

IBM Information Infrastructure IBM Tivoli Key Lifecycle Manager v.1.0 Simplified key management across distributed and mainframe Client Value Reduces encryption management costs related to set up, use and expiration of keys Enables organizations to comply with disclosure laws and regulations Ensures against loss of information due to key mismanagement Transparently detects encryptioncapable media to assign necessary authorization keys Runs on most existing server platforms to leverage resident server s existing access control/high availability/disaster recovery configs Its predecessor EKM is proven key management system with 2000 customers worldwide! Simple, Secure and Cost-effective Key Storage, Key Serving and Key Management

IBM Information Infrastructure IBM Tivoli Key Lifecycle Manager v.1.0 Feature Function Focused on device key serving IBM encrypting tape TS1120, TS1130, LTO gen 4 IBM encrypting disk DS4000/DS5000/DS6000/DS8000 Lifecycle functions Notification of certificate expiry Automated rotation of certificates Automated rotation of groups of keys Platforms for V1 AIX 5.3 64 bit Red Hat AS 4.0 x86-32 bit Suse Linux 9.0 and 10 x86-32 bit Solaris 10 Sparc -64 bit. Windows Server 2003-32 bit. z/os 1.9 Designed to be Easy to use Provide a Graphical User Interface Initial configuration wizards Easy backup and restore of TKLM files One button operation Installer to simplify installation experience Simple to use install for Windows, Linux, AIX, Solaris Can be silent install 12

IBM Information Infrastructure With TKLM Solution. IBM Solution offering includes

IBM Information Infrastructure IBM s Tape System Offerings TS1040 (LTO4) Tape Drive Standard feature on all FC & SAS LTO4 Tape Drives Supports traditional and encrypted modes of operation TS1130 / TS1120 Tape Drive Standard feature on all new TS1130 Tape Drives Supports traditional and encrypted modes of operation TKLM Tivoli Key Lifecycle Manager EKM follow-on AIX, Sun, Linux and Windows z/os Statement of Direction Serves keys

Tivoli Key Lifecycle Manager IBM Information Infrastructure Flexible IBM Tape Encryption Methods 15

IBM Software Group Like Tape, Self-Encrypting Drives Have Virtually No Performance Degradation Encryption engine speed Matches Port s max speed The encryption engine is in the controller ASIC Scales Linearly, Automatically Storage System Storage System All data can be encrypted, with no performance degradation No need to classify which data to encrypt

17 IBM Software Group IBM s Disk Storage Offering with Full Disk Encryption DS5000 Real-world performance Sustainable, scalable with Full Disk Encryption Support Green efficiency Do more with less, support of intermix with normal disk drives and FDE drives! Interface adaptability 4 Gbps FC, 8 Gbps FC, iscsi Continuous and reliable access to Information Online administration, active-active redundancy, advanced diagnostics Application integration Certifications, solutions, meet SLAs * 2H 2009 feature

IBM Software Group EXP5000 Expansion Unit 16 drives in 3U enclosure 4 Gbps FC interfaces / ESMs High-speed, low-latency interconnect from controllers to drives Supports intermixing FC, FDE and SATA drives More efficient use of enclosures Unique speed-matching technology 3 Gbps SATA II drives effectively run at 4 Gbps speeds Switched architecture Drive isolation, better diagnostics Higher performance, lower latency 18

IBM Software Group Secure DS5000 Encryption Services Comprehensive security for data-at-rest Full Disk Encryption (FDE) Encryption takes place at the drive level Robust management tools Integrated local key management DS5000 Series Drive Support Drives supported: 4Gbps FDE 15K FC 146GB, 300GB, and 450GB

IBM Software Group DS5000 Encryption Benefits Bullet-proof security throughout the drive s lifecycle Unparalleled security assurance with government-grade encryption Instant secure erase for a higher security level than other common methods Automatically protects data on drives returned for repair, retired, or repurposed High performance Drive-based encryption engine maintains our exceptional performance Robust yet easy-to-understand management FDE key management is transparent to day-to-day storage administration, making FDE drives as easy to manage as traditional drives A single DS5000 system can support all tiers and classifications of data No application/operating system changes or modifications required

Disposal Options Are Riddled with Shortcomings Format the drive or delete the data Doesn t remove the data - data is still readable Over-writing Takes hours-to-days Error-prone; no notification from the drive of overwrite completion Shredding Very costly, time-consuming Environmentally hazardous Degaussing Very costly, time-consuming Difficult to ensure degauss strength matched type of drive Smash the disk drive Not always as secure as shredding, but more fun Professional offsite disposal services Drive is now exposed to the tape s falling-off-the-truck issue IBM Security

With IBM Storage Systems Data protection IBM has build Storage Security into the infrastructure Will fit into your existing server management Will leverage existing high availability and disaster recovery solutions you have thought of! Adding IBM s storage security option is: Simple Transparent to existing applications Cost effective Leverage existing investments IBM Security

Questions? IBM Security

IBM Storage Systems offerings IBM Security

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback