Last week, I saw the latest disclosure on what is still too common – “backup tapes are lost and the amount of disclosure is under investigation” .
This time, it was 4.9 million military clinic and hospital patients – click to read original article. The slightly abridged version is:
The lost data was stored on back-up tapes that contained patient health care information from 1992 until 2011. The exposed information may include names, Social Security numbers, addresses, phone numbers, diagnoses, treatment information, provider names, provider locations, and other personal health data such as clinical notes, laboratory tests and prescriptions, according to a data breach notification statement issued by the companies. The statement claims that the tapes did not contain financial data, credit card, or banking information. It remains unknown exactly how the data went missing. It is also unclear whether the stored data was encrypted.
Let’s first quickly go through everything that is wrong with this picture:
“4.9 million military clinic patients” – our servicemen and their families deserve better. We all do, but especially those who serve.
“may include names, SSN, addresses” – so all of the Personal Identification Information (PII) that someone needs for identity theft is there.
“diagnoses, treatment info, provider names, prescriptions, lab tests” – so all of the HIPAA information that is so closely guarded is out there.
“did not contain financial data, credit card or banking info” – that is okay. They already have names and SSNs, so they can request new credit cards and bank access.
(and my least favorite part)
“it is unclear whether the stored data was encrypted”
Folks, this is not about you “losing” data – this is about the wrong people "finding” data.
Hence, my sincere plea to the world … Stop Shipping Tapes !
Tape is not dead, nor is it dying. Yes, I am a disk-to-disk (D2) fan. More specifically, I have long been a D2D2T (to Tape) fan. Lately, I am even more of a D2D2C (to Cloud) fan.
Tape absolutely has its place – on a shelf.
Nothing else can take large amounts of data and store it indefinitely, without applied power or cooling, as well as tape. Yes, you have to cool the room, but since tapes do not create their own heat or consume their own power, it isn’t linear like disk subsystems. So, tape has its merits.
Important Key Point – the ability to be placed in a carrying case for easy shipping to an offsite location is NOT one of the merits of tape.
If you’ve read my other blog posts, you know that I tell anyone who will listen to “Get Your Data Out of the Building” (see earlier post) – but please do not use tapes for transport. Yes, there are respectable third-party providers of courier and storage services, but the bottom line is that your tapes are your responsibility and your liability.
Ok, if you absolutely believe tapes are the only way for you, then please click the simple checkbox that every respectable backup solution has for "[X] Encrypt Tapes”. But tape is almost never the only way…
There is a Better Way
Electronic data in flight is so much easier to encyrpt and protect – and it is more current than nightly backup. Instead of your offsite data being at least one day old, it can be 15 minutes old, or an hour old. Now, your offsite data start to resemble the first steps in a disaster recovery plan.
Get your data offsite over a WAN or the ‘net, and THEN back it up to tape. The result is the same “offsite, shelf-able media”, but without the risk of having to announce exposed data.
- If you are a Windows environment, you likely already own ECI or System Center suite licenses – and so you already own Data Protection Manager (DPM), which does D2D 2T natively, or D2D2pC – to a partner’s cloud, such as i365
- If you centrally manage your datacenter storage, then let your SAN get your data offsite, like the Thin Replication capabilities in a Dell Compellent Storage Center
- If you don’t have a secondary site of your own, then go straight to the cloud, like an Asigra solution, hosted by a partner near you.
Once your data is reliably and securely offsite, then do your tape backups. Heck, even if you do your own D2D across sites, using a cloud as the tertiary location, whether it be i365, Asigra, what was Iron Mountain Digital (Autonomy), etc. is definitely worth considering.
The vendor names above are not necessarily my endorsements as best-of-breed because I don’t do that – but the point is that you have a range of options, all of which are better than putting potentially unencrypted tapes in canisters to be picked up by some guy in a truck.
I cannot afford it
If cost is the only reason you haven’t done better with offsite data, … then ask your execs and lawyers and marketing folks, “Can we afford to do a data breach disclosure?”.
Use words like “resolution of identity theft for 4.9 Million claims” … “corporate reputation” … "indemnification” … and they’ll get the idea. If you need more, ideas of the hidden costs of lost data, check out the sample chapter “Data Protection by the Numbers” from my book.
So, three leave-behinds:
YES, Get your data out of the building
PLEASE, stop shipping tapes as the transport medium
NO, you can’t afford not to
Thanks for reading …
2 thoughts on “Stop Shipping Tapes – please!”
Don’t underestimate the bandwidth of a FedEx box full of tapes. 6 LTO-5 tapes with 12 hour delivery time comes out to 600+Mbps. Sending tapes is a perfectly good idea if THEY ARE ENCRYPTED!!!
Sending data over the wire is usually preferable but for higher volumes ENCRYPTED tape is a good idea.
And if folks would consistently click the [X] Encrypt Tapes option, I might temper my guidance. But …
In principle though, having the data transparently and automatically replicate, as opposed to the human-based handling of tapes … I prefer to keep hands off whenever possible …
(still your point is valid — thanks Howard for weighing in)