After hearing the demise of NeoScale, my second reaction was:
"Hmm ... I wonder if NeoScale customers will think about decrypting the terabytes of vaulted data that was encrypted using Cryptostor before their appliance fails and no chance of finding a replacement."I am sure Decru and other encryption vendors are salivating on the opportunity to sell in to NeoScale customers, BUT
Can their encryption solution decrypt the data encrypted through Cryptostor?That is the question NeoScale customers should be asking when talking to encryption vendors about replacing Cryptostor.
I expressed my concerns to some people who are using encryption products. None had considered and/or planned for decrypting the data upon losing access to the tool (product) or method (algorithm) that was used to encrypt the data. It is a real scenario for encrypted data on any kind of removable media despite availability of correct encryption keys.
Just imagine what will you do if seven years from now a government agency requests financial data that was encrypted and archived on a removable media vaulted offsite. And, you realize that you can't read data because you no longer have the original system capable of reading and/or decrypting that data. I experienced the same challenge in a customer environment few years ago though with unencrypted data.
Unlike Mark, I am not very enthusiastic about encrypting "data at rest" specifically where encrypted data is stored separately from the system that wrote the data or is capable of reading that data. The demise of NeoScale may be just the wake up call for the trouble you may get into if you encrypt the "data at rest" and you have no way to decrypt the data because you lost the method or tool or keys to decrypt.
0 comments:
Post a Comment