Seamless . Reliable . Secure

Improve Security by Protecting Data at Rest

Data security is undoubtedly the main concern of IT staff worldwide. Continuous headlines reveal the hundreds of companies that are affected by data breaches every year. According to the Identity Theft Resource Center, in 2006 there were over 315 publicized security breaches affecting nearly 20 million individuals. Loss or stolen backup tapes contributed to a large number of these breaches. The protection of backup data is often overlooked. Many believe that the data is useless because it contains old information only used for disaster recovery. Even just one compromised backup tape can cost a company their reputation, competitive advantage, and thousands in fines.

An alarming amount of companies worldwide have delayed the necessary steps they need to take to secure data at rest. Encryption is the only way to truly secure backup data. Many believe that the process of encryption is tedious, costly and slows down the network and backup procedures. This is no longer the case. Q3 is a hardware storage encryption device that fits into your environment seamlessly and causes little to no effect on your network or current backup procedures. Q3 is the answer to your storage security challenges.

BOSaNOVA's storage encryption appliance provides complete security for backup tapes without effecting performance. It is the simplest, least intrusive high security tape encryption device available. Installation takes only minutes and key management is strong, yet simple. The appliance sits between the data path and the tape storage device. It requires no system or software changes and can be used on both stand alone and library tape drives.

• Secure data in transit

• Guarantee privacy when using a shared tape silo

• Secure transit of confidential data by commercial couriers

• Ensure data integrity of legal information

• Ensure patient record confidentiality

Installation of the appliance requires no changes to the operating environment or backup procedures. At power up the unit auto detects the SCSI ID of the tape drive and automatically sets its own ID to the same address. This ensures that installation in an existing configuration is simple and straightforward.

Encryption must occur prior to compression because compressed data cannot be encrypted. The Q3 provides builtin pre-compression which allows for encryption without performance degradation.

Key Management is strong, yet simple, offering the highest level of security. Q3 includes an encryption chip that’s unique to each appliance. In addition, users enter their key(s) using the GUI program or a standard dumb terminal. The system then works only if both components are present. The device is also shipped with a duplicate chip, which must be securely stored off-site along with the user keys. In an event of a disaster, a new appliance will be sent out immediatley and the spare chip replaced, allowing encrypted data to be restored.

The Q3 has a number of possible configurations and to simplify management of the unit, a GUI program is supplied allowing easy installation and control.

The Q3 offers the greatest level of security by providing unique interlaced DES level 3 data encryption, where the data is split into two streams and each stream is encrypting seperately using user unique 56 bit encryption blocks to provide 72,000,000,000,000,000 possible keys for each stream. The two streams of encrypted data are merged before the data is written to tape. To further strengthen security, if the device is stolen, the software key is lost after the unit has been without power for two minutes. If anyone attempted to steal the data, they would need the tape, the user key and the specific unit in order to retrieve it.

The Q3 hardware appliance is designed for reliability with minimal operational impact. You simply plug it in and forget about it. This is not the case for software encryption programs where constant maintenance is neccessary.