informa
/
2 MIN READ
Commentary

When A Key Vendor Goes Away; Or, Choose Your Encryption Well

Reacting to the seemingly endless conga line of companies announcing one of their employees lost a laptop or tape that held un-encrypted customer data, some organizations rushed into encryption solutions that may have caused more problems than they solve. While pundits recommended SAN encryption appliances for performance, the market turned out to be smaller than expected, forcing vendors Kasten Chase and NeoScale out of business in the past 18 months. Customers of these defunct vendors have a
Reacting to the seemingly endless conga line of companies announcing one of their employees lost a laptop or tape that held un-encrypted customer data, some organizations rushed into encryption solutions that may have caused more problems than they solve. While pundits recommended SAN encryption appliances for performance, the market turned out to be smaller than expected, forcing vendors Kasten Chase and NeoScale out of business in the past 18 months. Customers of these defunct vendors have a whole lot of ugly work ahead.The worst case would be a vendor going belly up with no successor, like Kasten Chase. You'd basically have to find a new encryption method, then recall all your tapes and use your media server to copy the data to fresh tapes, decrypting and encrypting on the way. If you were using the appliance for disk encryption, you'd have to set up tools to migrate LUNs from the old encrypted drives to new drives with the new encryption tool, the whole time praying that your encryption appliances (you did get a redundant cluster, right?) keep working till the project's over.

NeoScale customers aren't quite in that bad a situation. NCipher, primarily a key management vendor, bought NeoScale's products and intellectual property and is still selling and supporting the CryptoStor tape encryption appliance. They can hold tight, relying on NCipher, or buy a spare and move to a new encryption scheme at their leisure.

Unfortunately, NCipher didn't buy NeoScale's disk encryption business. Users of the CryptoStor disk appliance just have to get their systems decrypted before they die. A Web site www.neoscalesupport.com is advertising it has spare parts and CryptoStor disk units for those needing to buy a little more time.

The takeaway?

  • You can re-install software on a new server, but custom hardware needs someone to support it.

  • Encrypting everything means you may need to decrypt everything. Maybe some discretion?

  • There may actually be a good reason to buy from the market leader (Decru, LTO-4)

  • Key management is key. Even if your vendor doesn't go belly up you'll need your keys to access your encrypted data.
  • Editor's Choice
    Brian T. Horowitz, Contributing Reporter
    Samuel Greengard, Contributing Reporter
    Nathan Eddy, Freelance Writer
    Brandon Taylor, Digital Editorial Program Manager
    Jessica Davis, Senior Editor
    Cynthia Harvey, Freelance Journalist, InformationWeek
    Sara Peters, Editor-in-Chief, InformationWeek / Network Computing