Every once in a while you’ll read another story about stolen backup tapes, with millions of confidential records, that are lost forever. Will someone steal your identity? Is the security of our nation compromised? We never know what happens to those tapes unless they’re miraculously recovered. I’d like to imagine that the unwitting thieves more likely destroy their ill-gotten booty because they tried just a little too hard to jam an LTO tape into a DLT drive (or worse yet, a VCR).
It’s human nature to believe criminals are stupid, which is never a reasonable assumption to make. Some people might write off these thefts as smash and grabs, when one should also consider the possibility that the systems administrator (and those backup tapes) were the intended target all along. The thieves break in, steal the tapes, but they also take your Cuisinart, your Xbox360 and your Veronica Mars DVDs to divert suspicion. The sysadmin is then busy working with an insurance claim, and nobody is reviewing the inventory of what was on those tapes.
There will always be sysadmins out there who take the backup tapes home. I’m not saying it’s outright bad, but it’s an understandable behavior. The most likely reason is that transporting the tapes from the tape library to an off-site location is out of the way or inconvenient. If you’re at the data center with tapes in hand, and your house is 3 miles away while the off-site storage facility is 20 miles away, what would you choose?
There’s a policy at my current employer that attempts to reduce the chances of this happening. Tape changes can only occur before lunch, and never on a Friday. Eliminate the incentive to just drive home, and the tapes are more likely to end up at the proper storage facility. That works well in our situation, but your mileage may vary.
I worked at another IT shop where off-site storage was the sysadmin’s home. That’s okay if your employer is one of those 1-to-5-man garage startup wannabes. Just be sure to invest a few extra dollars and do it right; buy a safe. Make sure it’s fireproof, and large enough to accommodate at least 30 tapes. Then find out what your homeowner’s insurance will and won’t cover; a typical policy probably won’t cover the cost of the tapes, in contrast to what you would get at a professional storage site.
The two technological solutions I’ll bring up are tape encryption and remote mirroring. Encrypted tapes are less likely to be compromised by a thief, and remote mirroring of data to a separate facility eliminates the human transport factor altogether.
Tape backups and archives will always be susceptible to theft. The media is physically small enough and valuable enough to always make it a tempting target. The sooner you come to terms with this, the better off you’ll be when it comes to setting policies and procedures to protect them.