Jump to content
Sign in to follow this  
blm14

Hardware Compression + Encryption

Recommended Posts

I back up desktops and servers which contain patient data, which means that I am subject to HIPAA regulations.

 

HIPAA stipulates that patient information be encrypted whenever possible and at our institution patient data is required to be retained for 8 years at minimum and forever if possible...

 

This means that my tapes need to be encrypted. I have some servers that I also back up which are free of patient data.

 

On the patient-data-containing machines, when I move things to tape, I use encryption and software compression. For the servers I use hardware compression and no encryption (password access only). The tape drive is a Quantum DLT-S4 superloader3, and we use 800gig/1.6T cartridges.

 

Using software compression and encryption I typically am able to fit a SCANT 800gigs per tape. Using hardware compression and no encryption I usually get about 1.2T per tape. This means that I am using 50% more tapes for the encrypted data, which is costing me a fair bit of money because I cannot re-use my tapes.

 

Is there ANY way to get retrospect to encrypt tape sets while delegating the compression routines to the drive? Or am I stuck having to spend $10,000 on an autoloader which supports hardware encryption as well as compression?

Edited by Guest

Share this post


Link to post
Share on other sites

The whole point of encryption is to make the encrypted data appear to be white noise. Any patterns in the encrypted data would weaken the encryption and make it easy to break the encryption.

 

As you can see, the required white noise characteristic of encrypted data necessarily prevents compression. You are seeking incompatible goals.

 

The only solution is compression prior to encryption. Seems that you need a drive that can handle that.

 

Get an autoloader, too. You will find that it will change your life. Really. It's the only way to do tape.

 

Russ

Share this post


Link to post
Share on other sites

Yeah I have a DLT-S4 superloader3 from quantuum. It's a 16 bay autoloader. I really wish I had a library where each box had multiple drives, but o well.

 

I understand your point about encryption, but I still feel like retrospect should support encryption and compression, eg: as you said compress first.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×