Freely subscribe to our NEWSLETTER

In March 2007, Taneja Group undertook a primary research study to understand the state and direction of storage security deployments in large enterprises. We surveyed 116 respondents to understand what was driving their purchasing and deployment decisions around storage security, how storage security ranked in importance compared to other IT initiatives, and how end users plan to evolve their storage security infrastructure to meet the new realities imposed by compliance and data privacy regulation. The following are the key findings that emerged from this research:

? Compliance & Data Privacy Concerns Are Key Drivers for Storage Security - Not surprisingly regulatory compliance (65% of respondents) and data privacy concerns and liabilities (57% of respondents) ranked as the leading drivers influencing investment in storage security. Clearly, there is increased awareness around the potential liabilities and the changed business context in which large organization operate.

? Storage Security Breaches Are Costly - Over 57% of respondents estimated that a single storage security breach would cost their organization over $500,000 USD. Frankly, in our opinion, end users are not truly factoring in the all the soft costs such as damage to reputation and brand that could result from a breach and are only focusing in on the hard dollar cost of liabilities and penalties that a breach might incur. Nonetheless, the data shows that investments in storage security have a strong ROI attached to them.

– Storage Security is a Top Priority Compared to Other Security Initiatives – Our research indicates that the visibility and understanding of the need to protect data at rest has increased dramatically over the past 18 months. Storage security is now considered a top five spending priority compared to other security initiatives in most organizations (68% of respondents) and 29% rated it as the top priority.

– Storage Security Devices Are Proliferating Rapidly - Over 53% of respondents in large enterprises have deployed at least 100 or more storage security devices, such as tape libraries or tape drives with embedded encryption, storage security appliances, backup applications using software-based encryption, or disk arrays with embedded encryption. Furthermore, data from the survey indicates that users are contemplating greatly expanding the usage of storage security devices and consequently increasing the number of devices that must be managed going forward.

– It’s a Heterogeneous World – Our research indicates that end user have a mix of different types and vendors products deployed. The top three types of storage security devices deployed today are: backup applications with encryption (46%), tape drive or library level encryption (43%) and file system level encryption products (39%). Moreover, respondents indicated that they expect the top three types of storage devices deployed in the next 6 months to be: storage security appliances (48%), column-level database encryption (46%), and tape drive or library level encryption (43%). At present, we do not see a move to standardize on a specific type or vendor for all storage encryption needs or in the foreseeable future. In short, we believe that end users’ environments will remain highly heterogeneous and best of breed approaches will be applied to different types of data (e.g. structured, unstructured, and semi-structured) and media (e.g. tape, disk, etc) as requirements dictate.

– The Hidden Problem is Management of Disparate Key Systems – Our research uncovered that overall management of these heterogeneous storage devices and their keys is a major headache for IT. This problem was particularly exacerbated when the number of storage security devices deployed reached 100. Each individual storage device introduces a disparate key management system that users must administer and learn. We found that many users had not fully thought through the management and scalability implications of encrypting increasing amounts of capacity across multiple geographical locations.

– Global Key Management is Becoming a Top of Mind Issue - 54% of users surveyed were considering deploying a global key management system in the next 12 months. We found that there is a high degree of correlations between the number of storage devices already deployed and the interest in deploying a global key management system. Global key management is viewed by the user community as a potential solution to solving the growing management headache of managing a rapidly proliferating number of storage security devices. Forward thinking end users are already beginning to think about how to consolidate and centralize control of their key management functions in order to better scale and manage their storage environments.

In the following market profile, we provide a quick overview of end users who responded to this survey, and summarize the results of the study as it pertains to the growing importance of storage security within IT, the current and future deployment plans of end users around storage security infrastructure, and how global key management is emerging as a top of mind issue as user grapple with new management challenges engendered by disparate key management systems and devices. Lastly, we spotlight NeoScale Systems, an early leader in the global key management market and an early pioneer of the storage security appliance.

For a complete copy of the survey report, visit: http://neoscale.com/English/Registration/RP_Taneja.html