It’s ironic that alongside the worry of losing a tape cartridge that’s unencrypted, the next most stressful thing may be the need to access a cartridge that has been encrypted, but the keys have been lost due to poor management practises, using SKLM will remove those concerns.
Article 5 of the General Data Protection regulation (GDPR) has a number of requirements for personal data, one of which state that personal data should be “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures”. The definition is similar to that of the Data Protection Act (DPA) which in essence says that you must take security measures to stop personal data being compromised.
The solution to the scenarios posed by the DPA and GDPR is to encrypt your data, ideally on the system (at rest) but at least as part of your backup routine, mislaying a backup that hasn’t been encrypted would be a major problem as could replacing and returning a disk that hasn’t been encrypted
One issue with encryption, particularly if you have a number of storage devices, is the management of the encryption keys, IBM Security Key Lifecycle Manager can centrally manage keys for both IBM self-encrypting storage devices and for a number of non-IBM encryption solutions that support the Key Management Interoperability Protocol (KMIP).
Devices that access SKLM are registered, any unknown device is rejected until approved by the administrator.
Further reading
Help and Support
Would you like a free evaluation of your current IBM infrastructure? Please contact our IBM consultants on 0844 800 7821.
