Technical Field
This application relates generally to managing system-wide encryption key(s) in data storage systems.
Description of Related Art
Protecting confidential data (such as medical records, financial records, personal data, social security numbers, credit card numbers, corporate records, intellectual property, etc.) and other sensitive information from theft and/or unauthorized access is becoming increasingly important to businesses, computer users, and government organizations. Confidential data can exist as so-called “data-at-rest”, which is data stored on some type of a storage system such as an array or tape), as well as “data in flight,” (also referred to as “data in motion” or “data in transit”) which includes data as it exists during its transmission or that is temporarily residing in computer memory to be read or updated).
In recent years there have been numerous examples of security breaches involving thefts of both data-at-rest and data in motion from tens of millions of users. Information technology (IT) professionals use various methods to help prevent such data theft. Currently, different techniques are used to protect data in motion as compared with protection of data at rest. For example, secure sockets layers (SSL), virtual private networks (VPNs) and combinations of these are two examples of security technologies that can be fairly effective in protecting and securing data in flight, especially when combined with other methods that protect that data from start to finish, such as message level security and application level security. Data at rest, however, requires different types of protection. Because of data mobility, data storage consolidation, and data replication, a single breach into data at rest can compromise many millions more records than with a single breach of data in flight.
Organizations have many options for securing data-at-rest, including authentication controls, logical separation, physical security, and encryption of information. Although each option has advantages and disadvantages, when extremely large amounts of data are involved, encryption can provide the most workable solution. Encryption of data, as is well known, involves converting data to an unintelligible form called ciphertext, which cannot be read unless a key is used to decrypt the data (in some types of encryption the same key also is used to encrypt the data). Encryption also can be an important way to protect data at rest in other situations, including the electronic and physical movement of data for backup, data recovery, and/or maintenance. In addition, encryption helps to limit exposure to security breaches, so even if someone is able to access the storage media, the data is still protected to prevent unauthorized access to sensitive information on the storage media. Use of encryption also helps address compliance with industry regulations that require encryption, such as the payment card industry Data Security Standard (PCI/DSS), the Sarbanes-Oxley Act, the Gramm-Leach Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), the United Kingdom Data Protection act (UK DPA), the European Union Directive on personal information, (95/46/EC,), various state statutes protecting personal information such as California's CA 1798, and the like.
The security provided by any data encryption technology is as good as the encryption credentials used to encrypt the data. If the encryption key is not securely managed the data is at risk of being compromised. Losing or corrupting the key will lead to disastrous consequences resulting in a data unavailable/data loss scenario. Hence it is vitally important to securely store the keys while making them highly available when needed.
Organizations have sometimes been reluctant to deploy conventional encryption of data at rest for various reasons. Some reasons include the complexity of managing many keys, the need to add extra steps to existing processes for data storage (which can be difficult and time consuming, especially if existing management scripts for replication need to be modified), the expense, the time, and (for some implementations), the need to add one or more appliances to a network. Other issues with deployment of encryption include management complexity (the cost and complexity associated with deploying and managing multiple encryption technologies and key manager); scalability across an enterprise (many “point’ solutions for encryption do not scale across application types or infrastructure elements) and disruption to service levels (installing encryption technologies and appliances may require a network outage and/or reconfiguration).