PALO ALTO, Ca. – To help companies better manage and consolidate key management for encrypted devices deployed in enterprise and mid-sized businesses, Hewlett-Packard announced the availability of the HP StorageWorks Secure Key Manager.
Secure Key Manager is a centralized, hardened security appliance that helps data center managers improve privacy compliance and reduce the risk of costly data loss due to theft. As well, security is improved by providing a single control point across the data center.
“With this announcement, HP wants to address those key areas where data security matters most,” said Patrick Eitenbichler, director of marketing with HP StorageWorks. “Many customers, as a result of their concerns, have started encrypting data everywhere.”
He added that in data centers, the encryption keys for encrypted devices are all over the map and with data retention periods increasing and high employee turnover, nobody knows where those keys are.
Secure Key Manager provides a secure, centralized key management for encryption and will initially support HP LTO-4 enterprise-class tape libraries and provide a platform that will manage keys across the infrastructure, said Mike Peebles, product manager with HP StorageWorks. “It is designed for a reliable lifetime of key archiving and provides strong auditable security, identity based access, administration and event logging,” said Peebles. Additionally, Secure Key Manager provides high-availability clustering and failover capabilities (due to Security Key Manager’s based configuration of two nodes, which can scale to 89 nodes) to safeguard keys and reduce bottlenecks during high transaction periods.
Peebles recommended that companies place nodes in different physical locations “in the event you have something catastrophic happen at one site then the nodes in the other locations can provide the necessary keys to your application or your hardware.”
Secure Key Manager works by establishing a trusted relationship through a certificate of authority, with the tape library and then when a cartridge is put in the tape drive, the solution provides the key to the encrypted tape drive. If it is taken offsite and then brought back into the library, each piece of LTO media is given a unique media identification and Secure Key Managers use that unique ID to correlate the key to the physical piece of media when the cartridge is put back in the tape drive.
Secure Key Manager can hold up to 100,000 encryption keys and, Peebles said, early next year HP would expand the solution to hold over a million keys. He added that one node could control keys for up to five tape libraries. With a two-node configuration, Secure Key Manager could control 10 tape libraries.
Also early next year, when encryption is introduced into fiber channel switches and at the array, Peebles expects Secure Key Manager’s capability will be extended to those areas as well.
Peebles said that Secure Key Manager represents some real opportunities for channel partners that have storage knowledge, to work with customers on data protection solutions and to extol the advantages of encryption and centralized key management.
“Channel partners that have the expertise in security [and have customers] that deal with personal information, are able to talk to those customers about what they do today for data protection, how to protect data that goes off site, and talk them about solutions to manage keys and lower their risk.”
HP StorageWorks Secure Key Manager is available now. The list price for the base configuration of two nodes is $100,000 (US).
Stephanie Balaouras, senior analyst with Forrester Research, said the interesting thing about the HP StorageWorks Secure Key Manager is that it is indicative of where storage security is going, which is about data encryption, and added that HP had to introduce a solution like this.
“It is HP’s first foray into this [and] they know that the key to winning this marketplace is having a global key management solution, otherwise you are just a point product in the overall storage security landscape,” said Balaouras.
She added that because HP’s solution is a hardened appliance, it meets a higher standard for security that dictates encryption level and overall security keys than other solutions out on the market. Also, as a hardened appliance, no one can break into it to try and get the keys.
However, Balaouras said that the HP StorageWorks Secure Key Manager won’t push the competition to come out with a hardened appliance approach immediately, and that the cost of the appliance could be a downside to adoption.
“It would be expensive relative to other [encryption key] software solutions,” she added. “This isn’t a solution that is going to be targeted at SMBs or SMEs, but for large customers that have very complex environments that need a hardened appliance approach.”
This column was written by Vanessa Ho of ConnectIT
a>>
