In Japan, where the number of disappearing data tapes is unusually high, the government has brought in legislation that requires a person in each company to be responsible for data security, and he or she will be fined and serve a prison sentence if they fail to comply with legislation. This apparent draconian measure may well be needed in other counties in order to bring companies in line. In Europe, a CEO is already liable for failing to implement an acceptable information security policy and he or she would be liable for a substantial fine or a custodial sentence in extreme cases.
In the past encrypting data has tended to use software running on the host systems, resulting in slow and inefficient data transfer which has led to reluctance to use encryption for security. Today dedicated hardware devices are available to offload the process to inline units designed for the task. Through the use of dedicated compression and encryption engines, encryption hardware is capable of running at the full speed of modern tape drives, with little or no latency and degradation.
It is interesting to note that some companies have used their investment in security devices as a sales tool to show they are taking the best care of their customers’ data, rather than just hoping it doesn’t get lost and compromised. As insurance companies who cover business losses see the advantage of securing data, including backup tapes, we can expect insurance premiums to reflect this.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.