Backup Files Put Database Information At Risk
Cord Blood Registry breach a cautionary tale in the need for encryption, key management, and secure physical transport of database back-up media.
Kelly explains that step No. 1 to keep this database information secure is implementing strong encryption practices and key management. J. Wolfgang Goerlich, a network security manager at a financial services firm, concurs. He says the risk of misplaced backup information is at the top of his list of worries.
"Encryption is the No. 1 control to prevent scenarios such as the Cord Blood Registry breach. Encryption does require time for configuration and ongoing maintenance, but it has a very low fixed cost," Goerlich says. "In the Cord Blood Registry scenario, three areas that should have been encrypted: the laptop hard drive, the database backup file, and the LTO4 backup tapes. If encrypted, the stolen media would be all but useless. The personal information of 300,000 people would be unreadable and unrecognizable."
He also believes organizations need to do a better job instituting tape media procedural controls as well. "These ensure that the storage tapes are transported in a manner that is physically secure. From the initial reports, it looks like Cord Blood Registry did not have these in place," he says. "A solid procedure would prevent transporting sensitive backup tapes using an employee's vehicle and prevent leaving those tapes unattended in a parking lot."