Almost a year of near-continuous warnings about the vulnerability of backup tapes has gone unheeded, results from a survey showed today. Less than a quarter of companies currently encrypt their backup tapes, closely matching results of a survey from the research conducted by Enterprise Strategy Group, Inc. - Information at Risk: The State of Backup Encryption conducted in March 2005.
In fact, DISUK s global Paranoia Audit 2005 showed markedly less paranoia worldwide than might be considered healthy to ensure rigorous data security. Only 34 percent of respondents said that their corporate security policy included backup encryption, and only 23 percent said that it was actually taking place. However, of the non-encrypting 77 percent, more than 46 percent plan to incorporate encryption. But, overall, this still leaves almost one in six firms with no plans to encrypt backup tapes any time soon. A lack of a standard approach to data security is also revealed by a lack of consistency and uncertainty over precisely with whom, within organizations, responsibility lies. Less than one in five respondents cited the storage manager, with the security manager named by 41 percent. Of more concern, responsibility was deemed to be shared between these two by 17 percent of respondents, while nine percent admitted that responsibility was unclear and two per cent replied that no one was responsible. This suggests that lines of responsibility are either unclear or non-existent in more than a quarter of organizations. Of the encrypting minority, encryption software is used by more than half, with the remainder split between backup/archiving software and encryption appliances, reinforcing the interpretation that there is no standard approach to the issue. Encouragingly, daily backups are taken by 74 percent of companies, while a further 24 percent undertake a weekly backup. Just one in 10 companies take hourly backups. Tape remains the most common backup medium at 76 percent, although disk continues to take a growing share at 38 percent. Security for its own sake remains the leading driver for backup encryption, cited by almost three-quarters of respondents. Regulatory compliance was mentioned by only 41 percent of participants. Source: www.dmreview.coma>